Safe sample input : backticks interpretation, reading the file /tmp/tainted.txt sanitize : check if there is only letters construction : concatenation with simple quote

Safe sample input : backticks interpretation, reading the file /tmp/tainted.txt sanitize : check if there is only letters construction : use of sprintf via a %s with simple quote

Safe sample input : backticks interpretation, reading the file /tmp/tainted.txt sanitize : check if there is only letters construction : interpretation with simple quote

Safe sample input : backticks interpretation, reading the file /tmp/tainted.txt sanitize : check if there is only letters construction : concatenation with simple quote

Safe sample input : backticks interpretation, reading the file /tmp/tainted.txt sanitize : check if there is only letters construction : use of sprintf via a %s with simple quote

Safe sample input : backticks interpretation, reading the file /tmp/tainted.txt sanitize : check if there is only letters construction : interpretation with simple quote

Safe sample input : backticks interpretation, reading the file /tmp/tainted.txt sanitize : check if there is only letters construction : concatenation with simple quote

Safe sample input : backticks interpretation, reading the file /tmp/tainted.txt sanitize : check if there is only letters construction : use of sprintf via a %s with simple quote

Safe sample input : backticks interpretation, reading the file /tmp/tainted.txt sanitize : check if there is only letters construction : interpretation with simple quote

Safe sample input : backticks interpretation, reading the file /tmp/tainted.txt sanitize : check if there is only letters construction : concatenation with simple quote

Safe sample input : backticks interpretation, reading the file /tmp/tainted.txt sanitize : check if there is only letters construction : use of sprintf via a %s with simple quote

Safe sample input : backticks interpretation, reading the file /tmp/tainted.txt sanitize : check if there is only letters construction : use of sprintf via a %s with simple quote

Safe sample input : backticks interpretation, reading the file /tmp/tainted.txt sanitize : check if there is only letters construction : interpretation with simple quote

Safe sample input : backticks interpretation, reading the file /tmp/tainted.txt sanitize : check if there is only letters construction : interpretation with simple quote

Safe sample input : backticks interpretation, reading the file /tmp/tainted.txt sanitize : check if there is only letters construction : concatenation with simple quote

Safe sample input : backticks interpretation, reading the file /tmp/tainted.txt sanitize : check if there is only letters construction : concatenation with simple quote

Safe sample input : get the $_GET['userData'] in an array SANITIZE : uses indirect reference construction : prepared query and right verification

Safe sample input : get the $_GET['userData'] in an array SANITIZE : uses indirect reference construction : prepared query and no right verification

Safe sample input : get the $_GET['userData'] in an array SANITIZE : uses indirect reference construction : right verification

Safe sample input : get the $_GET['userData'] in an array SANITIZE : uses indirect reference construction : interpretation with simple quote

Safe sample input : get the $_GET['userData'] in an array SANITIZE : uses of ESAPI, an OWASP API construction : prepared query and right verification

Safe sample input : get the $_GET['userData'] in an array SANITIZE : uses of ESAPI, an OWASP API construction : prepared query and no right verification

Safe sample input : get the $_GET['userData'] in an array SANITIZE : uses of ESAPI, an OWASP API construction : right verification

Safe sample input : get the $_GET['userData'] in an array SANITIZE : uses of ESAPI, an OWASP API construction : interpretation with simple quote

Safe sample input : get the $_GET['userData'] in an array SANITIZE : use in_array to check if $tainted is in the white list construction : concatenation and checks if the user is allowed to see this data