Test cases - NIST Software Assurance Reference Dataset

Displaying test cases 31226 - 31250 of 32356 in total

CWE-113

124352-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 113 HTTP Response Splitting BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string Sinks: addHeaderServlet GoodSink: URLEncode input BadSink : querystring to addHeader() Flow Variant: 53 Data flow: data...
CWE-113

124351-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 113 HTTP Response Splitting BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string Sinks: addHeaderServlet GoodSink: URLEncode input BadSink : querystring to addHeader() Flow Variant: 52 Data flow: data...
CWE-113

124350-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 113 HTTP Response Splitting BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string Sinks: addHeaderServlet GoodSink: URLEncode input BadSink : querystring to addHeader() Flow Variant: 51 Data flow: data...
CWE-113

124349-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 113 HTTP Response Splitting BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string Sinks: addHeaderServlet GoodSink: URLEncode input BadSink : querystring to addHeader() Flow Variant: 45 Data flow: data...
CWE-113

124348-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 113 HTTP Response Splitting BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string Sinks: addHeaderServlet GoodSink: URLEncode input BadSink : querystring to addHeader() Flow Variant: 42 Data flow: data...
CWE-113

124347-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 113 HTTP Response Splitting BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string Sinks: addHeaderServlet GoodSink: URLEncode input BadSink : querystring to addHeader() Flow Variant: 41 Data flow: data...
CWE-113

124346-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 113 HTTP Response Splitting BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string Sinks: addHeaderServlet GoodSink: URLEncode input BadSink : querystring to addHeader() Flow Variant: 31 Data flow: make...
CWE-113

124345-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 113 HTTP Response Splitting BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string Sinks: addHeaderServlet GoodSink: URLEncode input BadSink : querystring to addHeader() Flow Variant: 22 Control flow: F...
CWE-113

124344-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 113 HTTP Response Splitting BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string Sinks: addHeaderServlet GoodSink: URLEncode input BadSink : querystring to addHeader() Flow Variant: 21 Control flow: F...
CWE-113

124343-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 113 HTTP Response Splitting BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string Sinks: addHeaderServlet GoodSink: URLEncode input BadSink : querystring to addHeader() Flow Variant: 17 Control flow: f...
CWE-113

124342-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 113 HTTP Response Splitting BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string Sinks: addHeaderServlet GoodSink: URLEncode input BadSink : querystring to addHeader() Flow Variant: 16 Control flow: w...
CWE-113

124341-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 113 HTTP Response Splitting BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string Sinks: addHeaderServlet GoodSink: URLEncode input BadSink : querystring to addHeader() Flow Variant: 15 Control flow: s...
CWE-113

124340-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 113 HTTP Response Splitting BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string Sinks: addHeaderServlet GoodSink: URLEncode input BadSink : querystring to addHeader() Flow Variant: 14 Control flow: i...
CWE-113

124339-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 113 HTTP Response Splitting BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string Sinks: addHeaderServlet GoodSink: URLEncode input BadSink : querystring to addHeader() Flow Variant: 13 Control flow: i...
CWE-113

124338-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 113 HTTP Response Splitting BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string Sinks: addHeaderServlet GoodSink: URLEncode input BadSink : querystring to addHeader() Flow Variant: 12 Control flow: i...
CWE-113

124337-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 113 HTTP Response Splitting BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string Sinks: addHeaderServlet GoodSink: URLEncode input BadSink : querystring to addHeader() Flow Variant: 11 Control flow: i...
CWE-113

124336-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 113 HTTP Response Splitting BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string Sinks: addHeaderServlet GoodSink: URLEncode input BadSink : querystring to addHeader() Flow Variant: 10 Control flow: i...
CWE-113

124335-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 113 HTTP Response Splitting BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string Sinks: addHeaderServlet GoodSink: URLEncode input BadSink : querystring to addHeader() Flow Variant: 09 Control flow: i...
CWE-113

124334-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 113 HTTP Response Splitting BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string Sinks: addHeaderServlet GoodSink: URLEncode input BadSink : querystring to addHeader() Flow Variant: 08 Control flow: i...
CWE-113

124333-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 113 HTTP Response Splitting BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string Sinks: addHeaderServlet GoodSink: URLEncode input BadSink : querystring to addHeader() Flow Variant: 07 Control flow: i...
CWE-113

124332-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 113 HTTP Response Splitting BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string Sinks: addHeaderServlet GoodSink: URLEncode input BadSink : querystring to addHeader() Flow Variant: 06 Control flow: i...
CWE-113

124331-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 113 HTTP Response Splitting BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string Sinks: addHeaderServlet GoodSink: URLEncode input BadSink : querystring to addHeader() Flow Variant: 05 Control flow: i...
CWE-113

124330-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 113 HTTP Response Splitting BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string Sinks: addHeaderServlet GoodSink: URLEncode input BadSink : querystring to addHeader() Flow Variant: 04 Control flow: i...
CWE-113

124329-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 113 HTTP Response Splitting BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string Sinks: addHeaderServlet GoodSink: URLEncode input BadSink : querystring to addHeader() Flow Variant: 03 Control flow: i...
CWE-113

124328-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 113 HTTP Response Splitting BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string Sinks: addHeaderServlet GoodSink: URLEncode input BadSink : querystring to addHeader() Flow Variant: 02 Control flow: i...

Results per page