Displaying test cases 1 - 25 of 291048 in total
-
Source: _GET Sanitization: nosanitization Dataflow: global_variable Context: xss_plain Sink: echo_func
-
Source: _GET Sanitization: nosanitization Dataflow: factory_reflection Context: xss_plain Sink: echo_func
-
Source: _GET Sanitization: nosanitization Dataflow: list_assignment Context: xss_plain Sink: echo_func
-
Source: _GET Sanitization: nosanitization Dataflow: class_var_assign_string Context: xss_plain Sink: echo_func
-
Source: _GET Sanitization: nosanitization Dataflow: singleton_set Context: xss_plain Sink: echo_func
-
Source: _GET Sanitization: nosanitization Dataflow: call_user_func_concat Context: xss_plain Sink: echo_func
-
Source: _GET Sanitization: nosanitization Dataflow: singleton_class Context: xss_plain Sink: echo_func
-
Source: _GET Sanitization: nosanitization Dataflow: singleton Context: xss_plain Sink: echo_func
-
Source: _GET Sanitization: nosanitization Dataflow: call_user_func_simple Context: xss_plain Sink: echo_func
-
Source: _GET Sanitization: nosanitization Dataflow: backdoor_explode_implode Context: xss_plain Sink: echo_func
-
Source: _GET Sanitization: nosanitization Dataflow: assignment Context: xss_plain Sink: echo_func
-
Source: _GET Sanitization: nosanitization Dataflow: function_call_by_string Context: xss_plain Sink: echo_func
-
Source: _GET Sanitization: nosanitization Dataflow: subclass_getter Context: xss_plain Sink: echo_func
-
Source: _GET Sanitization: nosanitization Dataflow: func_get_args Context: xss_plain Sink: echo_func
-
Source: _GET Sanitization: nosanitization Dataflow: compare_different_types Context: xss_plain Sink: echo_func
-
Source: _GET Sanitization: nosanitization Dataflow: eventmanager Context: xss_plain Sink: echo_func
-
Source: _GET Sanitization: nosanitization Dataflow: environment_var Context: xss_plain Sink: echo_func
-
Source: _GET Sanitization: nosanitization Dataflow: return_reference Context: xss_plain Sink: echo_func
-
Source: _GET Sanitization: nosanitization Dataflow: __get__set Context: xss_plain Sink: echo_func
-
Source: _GET Sanitization: nosanitization Dataflow: call_user_func_array Context: xss_plain Sink: echo_func
-
Source: filter_input_prm__<c>(INPUT_GET)_<s>(t)_<c>(FILTER_UNSAFE_RAW) Sanitization: cast_prm__TYPE_STRING Dataflow: assignment Context: xss_plain Sink: user_error_prm_
-
Source: filter_input_prm__<c>(INPUT_GET)_<s>(t)_<c>(FILTER_SANITIZE_ADD_SLASHES) Sanitization: str_word_count_prm__<i>(1) Dataflow: assignment Context: xss_javascript_no_enclosure Sink: print_func
-
Source: getallheaders Sanitization: strspn_prm__<s>(needle) Dataflow: assignment Context: sql_quotes Sink: mssql_sqlsrv_prepare_prm__<$>(db)
-
Source: filter_input_array_prm__<c>(INPUT_GET)_<array>(<ae_k>(<s>(t),<c>(FILTER_SANITIZE_NUMBER_FLOAT))) Sanitization: cast_prm__TYPE_DOUBLE Dataflow: assignment Context: sql_plain Sink: pg_send_query_prm__<$>(db)
-
Source: apache_request_headers Sanitization: gettype_check_prm__<s>(integer) Dataflow: assignment Context: sql_plain Sink: pg_send_query_prm__<$>(db)