Test cases - NIST Software Assurance Reference Dataset

Displaying test cases 32001 - 32021 of 32021 in total

CWE-327

199333-v1.0.0

Added 7 years ago

candidate

bad

Hardcoded string input no filtering sink : md5 function
CWE-327

199332-v1.0.0

Added 7 years ago

candidate

bad

input : direct user input in string no filtering sink : md5 function
CWE-327

199331-v1.0.0

Added 7 years ago

candidate

bad

input : shell commands no filtering sink : md5 function
CWE-259

61779-v1.0.0

Added 12 years ago

candidate

bad

This code implements Hard-coded Password vulnerability in a "Loop" structure
CWE-259

61778-v1.0.0

Added 12 years ago

candidate

bad

This code implements Hard-coded Password vulnerability in a "Scope" structure
CWE-259

61777-v1.0.0

Added 12 years ago

candidate

bad

This code implements Hard-coded Password vulnerability
CWE-89

61776-v1.1.0

Added 1 year ago

candidate

good

The code updates database table. User-controlled data are sanitized by using SQL parameters.
CWE-89

61776-v1.0.0

Added 12 years ago

deprecated

bad

This code implements SQL Injection vulnerability in a "Loop" structure, the code updates database table without validating input variables
CWE-89

61775-v1.1.0

Added 1 year ago

candidate

good

The code updates database table. Data are sanitized by using SQL parameters.
CWE-89

61775-v1.0.0

Added 12 years ago

deprecated

bad

This code implements SQL Injection vulnerability in a "Scope" structure, the code updates database table without validating input variables
CWE-89

61774-v1.0.0

Added 12 years ago

deprecated

bad

This code implements SQL Injection vulnerability, the code updates database table without validating input variables
CWE-89

61774-v1.1.0

Added 1 year ago

candidate

good

The code updates database table. User-controlled data are sanitized by using SQL parameters.
CWE-89

61773-v1.0.0

Added 12 years ago

candidate

bad

This code implements SQL Injection vulnerability in a "Loop" structure, data provided by the client in the text box is written as is to SQL query, without any filtering
CWE-89

61772-v1.0.0

Added 12 years ago

candidate

bad

This code implements SQL Injection vulnerability in a "Scope" structure, data provided by the client in the text box is written as is to SQL query, without any filtering
CWE-89

61771-v1.0.0

Added 12 years ago

candidate

bad

This code implements SQL Injection vulnerability, data provided by the client in the text box is written as is to SQL query, without any filtering
CWE-79

61770-v1.0.0

Added 12 years ago

candidate

bad

The code implements Cross-site Scripting, data provided by the client is written as is, without any filtering
CWE-79

61769-v1.0.0

Added 12 years ago

candidate

bad

The code implements Cross-site Scripting, data provided by the client is written as is, without any filtering
CWE-79

61768-v1.0.0

Added 12 years ago

candidate

bad

The code implements Cross-site Scripting, data provided by the client is written as is, without any filtering
CWE-78

61767-v1.0.0

Added 12 years ago

candidate

bad

The code implements OS Command Injection, it runs OS Command entered by user without validating the input
CWE-78

61766-v1.0.0

Added 12 years ago

candidate

bad

The code implements OS Command Injection, it runs OS Command entered by user without validating the input
CWE-78

61765-v1.0.0

Added 12 years ago

candidate

bad

The code implements OS Command Injection, it runs OS Command entered by user without validating the input

Results per page