Test cases - NIST Software Assurance Reference Dataset

Displaying test cases 376 - 400 of 113211 in total

CWE-89

147998-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: Property Read data from a system property GoodSource: A hardcoded string Sinks: executeBatch GoodSink: Use prepared statement and executeBatch (properly) BadSink : data concatenated into SQL statement used in executeBatch(), which could result in SQL Injectio...
CWE-89

147997-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: Property Read data from a system property GoodSource: A hardcoded string Sinks: executeBatch GoodSink: Use prepared statement and executeBatch (properly) BadSink : data concatenated into SQL statement used in executeBatch(), which could result in SQL Injectio...
CWE-89

147996-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: Property Read data from a system property GoodSource: A hardcoded string Sinks: executeBatch GoodSink: Use prepared statement and executeBatch (properly) BadSink : data concatenated into SQL statement used in executeBatch(), which could result in SQL Injectio...
CWE-89

147995-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: Property Read data from a system property GoodSource: A hardcoded string Sinks: executeBatch GoodSink: Use prepared statement and executeBatch (properly) BadSink : data concatenated into SQL statement used in executeBatch(), which could result in SQL Injectio...
CWE-89

147994-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: Property Read data from a system property GoodSource: A hardcoded string Sinks: executeBatch GoodSink: Use prepared statement and executeBatch (properly) BadSink : data concatenated into SQL statement used in executeBatch(), which could result in SQL Injectio...
CWE-89

147993-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: Property Read data from a system property GoodSource: A hardcoded string Sinks: executeBatch GoodSink: Use prepared statement and executeBatch (properly) BadSink : data concatenated into SQL statement used in executeBatch(), which could result in SQL Injectio...
CWE-89

147992-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: Property Read data from a system property GoodSource: A hardcoded string Sinks: executeBatch GoodSink: Use prepared statement and executeBatch (properly) BadSink : data concatenated into SQL statement used in executeBatch(), which could result in SQL Injectio...
CWE-89

147991-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: Property Read data from a system property GoodSource: A hardcoded string Sinks: executeBatch GoodSink: Use prepared statement and executeBatch (properly) BadSink : data concatenated into SQL statement used in executeBatch(), which could result in SQL Injectio...
CWE-89

147990-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: Property Read data from a system property GoodSource: A hardcoded string Sinks: executeBatch GoodSink: Use prepared statement and executeBatch (properly) BadSink : data concatenated into SQL statement used in executeBatch(), which could result in SQL Injectio...
CWE-89

147989-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: PropertiesFile Read data from a .properties file (in property named data) GoodSource: A hardcoded string Sinks: prepareStatement GoodSink: Use prepared statement and execute (properly) BadSink : data concatenated into SQL statement used in prepareStatement() ...
CWE-89

147988-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: PropertiesFile Read data from a .properties file (in property named data) GoodSource: A hardcoded string Sinks: prepareStatement GoodSink: Use prepared statement and execute (properly) BadSink : data concatenated into SQL statement used in prepareStatement() ...
CWE-89

147987-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: PropertiesFile Read data from a .properties file (in property named data) GoodSource: A hardcoded string Sinks: prepareStatement GoodSink: Use prepared statement and execute (properly) BadSink : data concatenated into SQL statement used in prepareStatement() ...
CWE-89

147986-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: PropertiesFile Read data from a .properties file (in property named data) GoodSource: A hardcoded string Sinks: prepareStatement GoodSink: Use prepared statement and execute (properly) BadSink : data concatenated into SQL statement used in prepareStatement() ...
CWE-89

147985-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: PropertiesFile Read data from a .properties file (in property named data) GoodSource: A hardcoded string Sinks: prepareStatement GoodSink: Use prepared statement and execute (properly) BadSink : data concatenated into SQL statement used in prepareStatement() ...
CWE-89

147984-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: PropertiesFile Read data from a .properties file (in property named data) GoodSource: A hardcoded string Sinks: prepareStatement GoodSink: Use prepared statement and execute (properly) BadSink : data concatenated into SQL statement used in prepareStatement() ...
CWE-89

147983-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: PropertiesFile Read data from a .properties file (in property named data) GoodSource: A hardcoded string Sinks: prepareStatement GoodSink: Use prepared statement and execute (properly) BadSink : data concatenated into SQL statement used in prepareStatement() ...
CWE-89

147982-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: PropertiesFile Read data from a .properties file (in property named data) GoodSource: A hardcoded string Sinks: prepareStatement GoodSink: Use prepared statement and execute (properly) BadSink : data concatenated into SQL statement used in prepareStatement() ...
CWE-89

147981-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: PropertiesFile Read data from a .properties file (in property named data) GoodSource: A hardcoded string Sinks: prepareStatement GoodSink: Use prepared statement and execute (properly) BadSink : data concatenated into SQL statement used in prepareStatement() ...
CWE-89

147980-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: PropertiesFile Read data from a .properties file (in property named data) GoodSource: A hardcoded string Sinks: prepareStatement GoodSink: Use prepared statement and execute (properly) BadSink : data concatenated into SQL statement used in prepareStatement() ...
CWE-89

147979-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: PropertiesFile Read data from a .properties file (in property named data) GoodSource: A hardcoded string Sinks: prepareStatement GoodSink: Use prepared statement and execute (properly) BadSink : data concatenated into SQL statement used in prepareStatement() ...
CWE-89

147978-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: PropertiesFile Read data from a .properties file (in property named data) GoodSource: A hardcoded string Sinks: prepareStatement GoodSink: Use prepared statement and execute (properly) BadSink : data concatenated into SQL statement used in prepareStatement() ...
CWE-89

147977-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: PropertiesFile Read data from a .properties file (in property named data) GoodSource: A hardcoded string Sinks: prepareStatement GoodSink: Use prepared statement and execute (properly) BadSink : data concatenated into SQL statement used in prepareStatement() ...
CWE-89

147976-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: PropertiesFile Read data from a .properties file (in property named data) GoodSource: A hardcoded string Sinks: prepareStatement GoodSink: Use prepared statement and execute (properly) BadSink : data concatenated into SQL statement used in prepareStatement() ...
CWE-89

147975-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: PropertiesFile Read data from a .properties file (in property named data) GoodSource: A hardcoded string Sinks: prepareStatement GoodSink: Use prepared statement and execute (properly) BadSink : data concatenated into SQL statement used in prepareStatement() ...
CWE-89

147974-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: PropertiesFile Read data from a .properties file (in property named data) GoodSource: A hardcoded string Sinks: prepareStatement GoodSink: Use prepared statement and execute (properly) BadSink : data concatenated into SQL statement used in prepareStatement() ...

Results per page