1.3

core/forms.py

@@ -1,4 +1,8 @@
 from django import forms
 
 class UploadFileForm(forms.Form):
-    file = forms.FileField()
+    file = forms.FileField()
+
+class VulnerabilitySearchForm(forms.Form):
+    application_name = forms.CharField(max_length=100, label="Application Name")
+    application_website = forms.URLField(label="Application Website", required=False)

core/templates/core/index.html

@@ -63,6 +63,21 @@
         </div>
     </div>
 
+    <div class="card mb-4">
+        <div class="card-header">
+            <i class="bi bi-search me-2"></i>
+            Vulnerability Search
+        </div>
+        <div class="card-body">
+            <form action="{% url 'vulnerability_search' %}" method="get">
+                <div class="input-group">
+                    <input type="text" class="form-control" name="application_name" placeholder="Enter application name...">
+                    <button class="btn btn-primary" type="submit">Search</button>
+                </div>
+            </form>
+        </div>
+    </div>
+
     <div class="card">
         <div class="card-header d-flex justify-content-between align-items-center">
             <div>

core/templates/core/vulnerability_search.html

@@ -0,0 +1,25 @@
+{% extends 'base.html' %}
+
+{% block content %}
+<div class="container mt-4">
+    <h2>Vulnerability Search</h2>
+    <form method="post">
+        {% csrf_token %}
+        {{ form.as_p }}
+        <button type="submit" class="btn btn-primary">Search</button>
+    </form>
+
+    {% if results %}
+    <hr>
+    <h3>Search Results</h3>
+    <div class="list-group">
+        {% for result in results %}
+        <div class="list-group-item">
+            <h5 class="mb-1">{{ result.cve_id }}</h5>
+            <p class="mb-1">{{ result.description }}</p>
+        </div>
+        {% endfor %}
+    </div>
+    {% endif %}
+</div>
+{% endblock %}

core/urls.py

@@ -1,8 +1,9 @@
 from django.urls import path
 
-from .views import dashboard, upload_inventory
+from .views import dashboard, upload_inventory, vulnerability_search
 
 urlpatterns = [
     path("", dashboard, name="dashboard"),
     path("upload/", upload_inventory, name="upload_inventory"),
+    path("search/", vulnerability_search, name="vulnerability_search"),
 ]

core/views.py

@@ -1,8 +1,9 @@
 from django.shortcuts import render, redirect
 from .models import Application, Vulnerability
-from .forms import UploadFileForm
+from .forms import UploadFileForm, VulnerabilitySearchForm
 import csv
 import io
+import requests
 
 def dashboard(request):
     # Placeholder data
@@ -47,3 +48,25 @@ def upload_inventory(request):
     else:
         form = UploadFileForm()
     return render(request, 'core/upload_inventory.html', {'form': form})
+
+def vulnerability_search(request):
+    form = VulnerabilitySearchForm()
+    results = []
+    if request.method == 'POST':
+        form = VulnerabilitySearchForm(request.POST)
+        if form.is_valid():
+            application_name = form.cleaned_data['application_name']
+            # Basic search using NVD API
+            url = f"https://services.nvd.nist.gov/rest/json/cves/1.0?keyword={application_name}"
+            try:
+                response = requests.get(url)
+                data = response.json()
+                if 'result' in data:
+                    for cve_item in data['result']['CVE_Items']:
+                        cve_id = cve_item['cve']['CVE_data_meta']['ID']
+                        description = cve_item['cve']['description']['description_data'][0]['value']
+                        results.append({'cve_id': cve_id, 'description': description})
+            except requests.exceptions.RequestException as e:
+                form.add_error(None, f"Error fetching data from NVD: {e}")
+
+    return render(request, 'core/vulnerability_search.html', {'form': form, 'results': results})

requirements.txt

@@ -1,3 +1,4 @@
 Django==5.2.7
 mysqlclient==2.2.7
 python-dotenv==1.1.1
+requests