def filter():
global filterStart
if request.method == "POST":
__filterBY__ = request.form['filter']
__modu__ = request.form['modules']
__summary__ = {}
__modules__ = __modu__.split(',')
for item in __modules__:
__summary__[item] = []
db = Database("database/vfeed.db")
__conn__ = db.Establish_connection()
if __modules__ is not None:
for item in __modules__:
if (item != " " and __conn__):
query = "select cveid,date_published,date_modified,summary from nvd_db where summary like '%{0}%' order by {1} desc limit {2},10".format(
item, __filterBY__, filterStart)
# query = "select cveid,date_published,date_modified,summary from nvd_db where summary like '% microsoft%' order by cveid limit 10"
cur = __conn__.execute(query)
rows = cur.fetchall()
for row in rows:
__summary__[item].append(row)
__conn__.close()
return render_template('public/home.html',
__summary__=__summary__,
error=0)
return render_template('public/test.html',
filter=__filterBY__,
modules=__modules__)
def process_next():
global start
start = start + 10
if request.method == "POST":
__summary__ = {}
__cveid__ = {}
__modules__ = []
__modules__ = request.form['next'].split(',')
__pages__ = False
pages = 0
if __modules__ is not None:
db = Database("database/vfeed.db")
__conn__ = db.Establish_connection()
if __conn__: # Got a database connection
for item in __modules__: # check every module in module list
__summary__[item] = [
] # save this module to the summary dictionary with empty list
__cveid__[item] = []
for item in __modules__:
if (item != ""):
total_rows_query = "select count(*) from nvd_db where summary like '%{0}%'".format(
item)
cur = __conn__.execute(total_rows_query)
total_rows = cur.fetchone(
) # returns a tuple
total_pages = total_rows[0] // 10
if total_pages - start > 10:
pages = pages + int(total_pages)
if start > pages:
start = 0
else:
__pages__ = True
query = "select cveid,date_published,date_modified,summary from nvd_db where summary like '%{0}%' limit {1},10 ".format(
item, start)
cur = __conn__.execute(query)
rows = cur.fetchall()
for row in rows:
__summary__[item].append(
[row[0], row[1], row[2], row[3]])
__conn__.close()
return render_template('public/home.html',
__summary__=__summary__,
error=0,
pages=__pages__)
else:
return render_template('500.html',
error="Error connecting Database",
summary=0)
else:
return render_template("401.html",
error="No modules found",
summary=0)
else:
return render_template("401.html", error="Get Method Not Supported")
def response():
__summary__ = {}
__cveid__ = {}
__pages__ = False
if request.method == "POST":
__modules__ = request.form['data'].split(',')
if __modules__ is not None:
db = Database("database/vfeed.db")
__conn__ = db.Establish_connection()
if __conn__: # Got a database connection
for item in __modules__: # check every module in module list
if item is not None: # and item not in excludes:
__summary__[item] = [
] # save this module to the summary dictionary with empty list
__cveid__[item] = []
for item in __modules__:
if (item != ""):
total_rows_query = "select count(*) from nvd_db where summary like '%{0}%'".format(
item)
cur = __conn__.execute(total_rows_query)
total_rows = cur.fetchone()
total_pages = total_rows[0] // 10
if (total_pages > 10):
__pages__ = True
query = "select cveid,date_published,date_modified,summary from nvd_db where summary like '%{0}%' limit 0,10".format(
item)
cur = __conn__.execute(query)
rows = cur.fetchall()
if rows:
for row in rows:
__summary__[item].append(row)
__conn__.close()
return render_template('public/home.html',
__summary__=__summary__,
pages=__pages__,
error=0)
else:
flash("Error connecting database", "success")
return redirect(url_for('public.home'))
else:
return render_template("401.html",
error="No modules found",
summary=0)
flash("Get Method not supported", "success")
# else:
return redirect(url_for('public.home'))
def process_ajax():
global start
start = start + 10
module = request.args.get('a')
if request.method == "GET":
__summary__ = {}
__summary__[module] = []
db = Database("database/vfeed.db")
__conn__ = db.Establish_connection()
if __conn__:
query = "select cveid,date_published,date_modified,summary from nvd_db where summary like '%{0}%' limit {1},10".format(
module, start)
cur = __conn__.execute(query)
rows = cur.fetchall()
__conn__.close()
for row in rows:
__summary__[module].append(row)
return jsonify(result=__summary__)
def process():
if request.method == "POST":
module = request.form['module']
check = request.form['check']
__pages__ = False
if module.lower() not in exc_py.python_excludes():
__summary__ = {}
__summary__[module] = []
db = Database("database/vfeed.db")
__conn__ = db.Establish_connection()
if __conn__:
total_rows_query = "select count(*) from nvd_db where summary like '%{0}%'".format(
module)
cur = __conn__.execute(total_rows_query)
total_rows = cur.fetchone()
total_pages = total_rows[0] // 10
if (total_pages > 10):
__pages__ = True
query = "select cveid,date_published,date_modified,summary from nvd_db where {0} like '%{1}%' limit 0,10".format(
check, module)
cur = __conn__.execute(query)
rows = cur.fetchall()
__conn__.close()
for row in rows:
__summary__[module].append(row)
return render_template("public/home.html",
__summary__=__summary__,
error=0,
pages=__pages__)
else:
flash("Database Error", "success")
return redirect(url_for('public.home'))
# return render_template("500.html",summary=0,error="Database Error")
else:
flash("No Vulnerability found", "success")
return redirect(url_for('public.home'))
# return render_template("401.html",summary=0,error="No Vulnerability found")
else:
flash("GET method not supported")
return redirect(url_for('public.home'))