Package illustrating a test case

Test case 2162

Type: source code
State: bad
Author: Charline Cleraux
Status: accepted
Language: Java
Submission Date: 02 Feb 2010

Description

This servlet implements an SQL injection vulnerability with an array index complexity: an unsanitized SQL request is sent to the database.

Flaws

CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Test Suites

Java Test Suite for Source Code Analyzer - weakness

Have any comments on this test case? Please, send us an email.