Test cases - NIST Software Assurance Reference Dataset

Displaying test cases 8976 - 9000 of 32356 in total

CWE-89

146602-v1.0.0

Added 13 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: database Read data from a database GoodSource: A hardcoded string Sinks: executeQuery GoodSink: Use prepared statement and executeQuery (properly) BadSink : data concatenated into SQL statement used in executeQuery(), which could result in SQL Injection Flow...
CWE-89

146601-v1.0.0

Added 13 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: database Read data from a database GoodSource: A hardcoded string Sinks: executeQuery GoodSink: Use prepared statement and executeQuery (properly) BadSink : data concatenated into SQL statement used in executeQuery(), which could result in SQL Injection Flow...
CWE-89

146600-v1.0.0

Added 13 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: database Read data from a database GoodSource: A hardcoded string Sinks: executeQuery GoodSink: Use prepared statement and executeQuery (properly) BadSink : data concatenated into SQL statement used in executeQuery(), which could result in SQL Injection Flow...
CWE-89

146599-v1.0.0

Added 13 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: database Read data from a database GoodSource: A hardcoded string Sinks: executeQuery GoodSink: Use prepared statement and executeQuery (properly) BadSink : data concatenated into SQL statement used in executeQuery(), which could result in SQL Injection Flow...
CWE-89

146598-v1.0.0

Added 13 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: database Read data from a database GoodSource: A hardcoded string Sinks: executeQuery GoodSink: Use prepared statement and executeQuery (properly) BadSink : data concatenated into SQL statement used in executeQuery(), which could result in SQL Injection Flow...
CWE-89

146597-v1.0.0

Added 13 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: database Read data from a database GoodSource: A hardcoded string Sinks: executeQuery GoodSink: Use prepared statement and executeQuery (properly) BadSink : data concatenated into SQL statement used in executeQuery(), which could result in SQL Injection Flow...
CWE-89

146596-v1.0.0

Added 13 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: database Read data from a database GoodSource: A hardcoded string Sinks: executeQuery GoodSink: Use prepared statement and executeQuery (properly) BadSink : data concatenated into SQL statement used in executeQuery(), which could result in SQL Injection Flow...
CWE-89

146595-v1.0.0

Added 13 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: database Read data from a database GoodSource: A hardcoded string Sinks: executeQuery GoodSink: Use prepared statement and executeQuery (properly) BadSink : data concatenated into SQL statement used in executeQuery(), which could result in SQL Injection Flow...
CWE-89

146594-v1.0.0

Added 13 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: database Read data from a database GoodSource: A hardcoded string Sinks: executeQuery GoodSink: Use prepared statement and executeQuery (properly) BadSink : data concatenated into SQL statement used in executeQuery(), which could result in SQL Injection Flow...
CWE-89

146593-v1.0.0

Added 13 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: database Read data from a database GoodSource: A hardcoded string Sinks: executeQuery GoodSink: Use prepared statement and executeQuery (properly) BadSink : data concatenated into SQL statement used in executeQuery(), which could result in SQL Injection Flow...
CWE-89

146592-v1.0.0

Added 13 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: database Read data from a database GoodSource: A hardcoded string Sinks: executeQuery GoodSink: Use prepared statement and executeQuery (properly) BadSink : data concatenated into SQL statement used in executeQuery(), which could result in SQL Injection Flow...
CWE-89

146591-v1.0.0

Added 13 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: database Read data from a database GoodSource: A hardcoded string Sinks: executeQuery GoodSink: Use prepared statement and executeQuery (properly) BadSink : data concatenated into SQL statement used in executeQuery(), which could result in SQL Injection Flow...
CWE-89

146590-v1.0.0

Added 13 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: database Read data from a database GoodSource: A hardcoded string Sinks: executeQuery GoodSink: Use prepared statement and executeQuery (properly) BadSink : data concatenated into SQL statement used in executeQuery(), which could result in SQL Injection Flow...
CWE-89

146589-v1.0.0

Added 13 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: database Read data from a database GoodSource: A hardcoded string Sinks: executeQuery GoodSink: Use prepared statement and executeQuery (properly) BadSink : data concatenated into SQL statement used in executeQuery(), which could result in SQL Injection Flow...
CWE-89

146588-v1.0.0

Added 13 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: database Read data from a database GoodSource: A hardcoded string Sinks: executeQuery GoodSink: Use prepared statement and executeQuery (properly) BadSink : data concatenated into SQL statement used in executeQuery(), which could result in SQL Injection Flow...
CWE-89

146587-v1.0.0

Added 13 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: database Read data from a database GoodSource: A hardcoded string Sinks: executeQuery GoodSink: Use prepared statement and executeQuery (properly) BadSink : data concatenated into SQL statement used in executeQuery(), which could result in SQL Injection Flow...
CWE-89

146586-v1.0.0

Added 13 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: database Read data from a database GoodSource: A hardcoded string Sinks: executeQuery GoodSink: Use prepared statement and executeQuery (properly) BadSink : data concatenated into SQL statement used in executeQuery(), which could result in SQL Injection Flow...
CWE-89

146585-v1.0.0

Added 13 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: database Read data from a database GoodSource: A hardcoded string Sinks: executeQuery GoodSink: Use prepared statement and executeQuery (properly) BadSink : data concatenated into SQL statement used in executeQuery(), which could result in SQL Injection Flow...
CWE-89

146584-v1.0.0

Added 13 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: database Read data from a database GoodSource: A hardcoded string Sinks: executeQuery GoodSink: Use prepared statement and executeQuery (properly) BadSink : data concatenated into SQL statement used in executeQuery(), which could result in SQL Injection Flow...
CWE-89

146583-v1.0.0

Added 13 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: database Read data from a database GoodSource: A hardcoded string Sinks: executeBatch GoodSink: Use prepared statement and executeBatch (properly) BadSink : data concatenated into SQL statement used in executeBatch(), which could result in SQL Injection Flow...
CWE-89

146582-v1.0.0

Added 13 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: database Read data from a database GoodSource: A hardcoded string Sinks: executeBatch GoodSink: Use prepared statement and executeBatch (properly) BadSink : data concatenated into SQL statement used in executeBatch(), which could result in SQL Injection Flow...
CWE-89

146581-v1.0.0

Added 13 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: database Read data from a database GoodSource: A hardcoded string Sinks: executeBatch GoodSink: Use prepared statement and executeBatch (properly) BadSink : data concatenated into SQL statement used in executeBatch(), which could result in SQL Injection Flow...
CWE-89

146580-v1.0.0

Added 13 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: database Read data from a database GoodSource: A hardcoded string Sinks: executeBatch GoodSink: Use prepared statement and executeBatch (properly) BadSink : data concatenated into SQL statement used in executeBatch(), which could result in SQL Injection Flow...
CWE-89

146579-v1.0.0

Added 13 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: database Read data from a database GoodSource: A hardcoded string Sinks: executeBatch GoodSink: Use prepared statement and executeBatch (properly) BadSink : data concatenated into SQL statement used in executeBatch(), which could result in SQL Injection Flow...
CWE-89

146578-v1.0.0

Added 13 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: database Read data from a database GoodSource: A hardcoded string Sinks: executeBatch GoodSink: Use prepared statement and executeBatch (properly) BadSink : data concatenated into SQL statement used in executeBatch(), which could result in SQL Injection Flow...

Results per page