National Institute of Standards and Technology
Package illustrating a test case

Test case 157050

Description

Unsafe sample
input : use exec to execute the script /tmp/tainted.php and store the output in $tainted
sanitize : cast into int
construction : concatenation with simple quote

Flaws

Test Suites

Have any comments on this test case? Please, send us an email.