Test cases - NIST Software Assurance Reference Dataset

Displaying test cases 31201 - 31225 of 32356 in total

CWE-113

124377-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 113 HTTP Response Splitting BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string Sinks: setHeaderServlet GoodSink: URLEncode input BadSink : querystring to setHeader() Flow Variant: 14 Control flow: i...
CWE-113

124376-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 113 HTTP Response Splitting BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string Sinks: setHeaderServlet GoodSink: URLEncode input BadSink : querystring to setHeader() Flow Variant: 13 Control flow: i...
CWE-113

124375-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 113 HTTP Response Splitting BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string Sinks: setHeaderServlet GoodSink: URLEncode input BadSink : querystring to setHeader() Flow Variant: 12 Control flow: i...
CWE-113

124374-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 113 HTTP Response Splitting BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string Sinks: setHeaderServlet GoodSink: URLEncode input BadSink : querystring to setHeader() Flow Variant: 11 Control flow: i...
CWE-113

124373-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 113 HTTP Response Splitting BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string Sinks: setHeaderServlet GoodSink: URLEncode input BadSink : querystring to setHeader() Flow Variant: 10 Control flow: i...
CWE-113

124372-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 113 HTTP Response Splitting BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string Sinks: setHeaderServlet GoodSink: URLEncode input BadSink : querystring to setHeader() Flow Variant: 09 Control flow: i...
CWE-113

124371-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 113 HTTP Response Splitting BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string Sinks: setHeaderServlet GoodSink: URLEncode input BadSink : querystring to setHeader() Flow Variant: 08 Control flow: i...
CWE-113

124370-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 113 HTTP Response Splitting BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string Sinks: setHeaderServlet GoodSink: URLEncode input BadSink : querystring to setHeader() Flow Variant: 07 Control flow: i...
CWE-113

124369-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 113 HTTP Response Splitting BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string Sinks: setHeaderServlet GoodSink: URLEncode input BadSink : querystring to setHeader() Flow Variant: 06 Control flow: i...
CWE-113

124368-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 113 HTTP Response Splitting BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string Sinks: setHeaderServlet GoodSink: URLEncode input BadSink : querystring to setHeader() Flow Variant: 05 Control flow: i...
CWE-113

124367-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 113 HTTP Response Splitting BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string Sinks: setHeaderServlet GoodSink: URLEncode input BadSink : querystring to setHeader() Flow Variant: 04 Control flow: i...
CWE-113

124366-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 113 HTTP Response Splitting BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string Sinks: setHeaderServlet GoodSink: URLEncode input BadSink : querystring to setHeader() Flow Variant: 03 Control flow: i...
CWE-113

124365-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 113 HTTP Response Splitting BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string Sinks: setHeaderServlet GoodSink: URLEncode input BadSink : querystring to setHeader() Flow Variant: 02 Control flow: i...
CWE-113

124364-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 113 HTTP Response Splitting BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string Sinks: setHeaderServlet GoodSink: URLEncode input BadSink : querystring to setHeader() Flow Variant: 01 Baseline
CWE-113

124363-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 113 HTTP Response Splitting BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string Sinks: addHeaderServlet GoodSink: URLEncode input BadSink : querystring to addHeader() Flow Variant: 81 Data flow: data...
CWE-113

124362-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 113 HTTP Response Splitting BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string Sinks: addHeaderServlet GoodSink: URLEncode input BadSink : querystring to addHeader() Flow Variant: 75 Data flow: data...
CWE-113

124361-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 113 HTTP Response Splitting BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string Sinks: addHeaderServlet GoodSink: URLEncode input BadSink : querystring to addHeader() Flow Variant: 74 Data flow: data...
CWE-113

124360-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 113 HTTP Response Splitting BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string Sinks: addHeaderServlet GoodSink: URLEncode input BadSink : querystring to addHeader() Flow Variant: 73 Data flow: data...
CWE-113

124359-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 113 HTTP Response Splitting BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string Sinks: addHeaderServlet GoodSink: URLEncode input BadSink : querystring to addHeader() Flow Variant: 72 Data flow: data...
CWE-113

124358-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 113 HTTP Response Splitting BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string Sinks: addHeaderServlet GoodSink: URLEncode input BadSink : querystring to addHeader() Flow Variant: 71 Data flow: data...
CWE-113

124357-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 113 HTTP Response Splitting BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string Sinks: addHeaderServlet GoodSink: URLEncode input BadSink : querystring to addHeader() Flow Variant: 68 Data flow: data...
CWE-113

124356-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 113 HTTP Response Splitting BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string Sinks: addHeaderServlet GoodSink: URLEncode input BadSink : querystring to addHeader() Flow Variant: 67 Data flow: data...
CWE-113

124355-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 113 HTTP Response Splitting BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string Sinks: addHeaderServlet GoodSink: URLEncode input BadSink : querystring to addHeader() Flow Variant: 66 Data flow: data...
CWE-113

124354-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 113 HTTP Response Splitting BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string Sinks: addHeaderServlet GoodSink: URLEncode input BadSink : querystring to addHeader() Flow Variant: 61 Data flow: data...
CWE-113

124353-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 113 HTTP Response Splitting BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string Sinks: addHeaderServlet GoodSink: URLEncode input BadSink : querystring to addHeader() Flow Variant: 54 Data flow: data...

Results per page