Test case 183132

Type: source code
State: bad
Author: Bertrand Stivalet and Aurelien Delaitre
Status: candidate
Language: PHP
Submission Date: 20 Oct 2015

Description

Unsafe sample
input : get the $_GET['userData'] in an array
Flushes content of $sanitized if the filter email_filter is not applied
construction : interpretation with simple quote

Flaws

CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Test Suites

PHP Vulnerability Test Suite

Have any comments on this test case? Please, send us an email.