Command line args Xpath replace char sink : SQL query

Command line args Xpath replace char sink : SQL query

Hardcoded string input Xpath replace char sink : SQL query

Hardcoded string input Xpath replace char sink : SQL query

Command line args filtering : remove all '\', '*', '(', ')', 'u0000', '/' in parameter sink : SQL query

input : shell commands filtering : remove all '\', '*', '(', ')', 'u0000', '/' in parameter sink : SQL query

Hardcoded string input filtering : remove semi-colon and all invalid filenames and chars in paths sink : SQL query

input : direct user input in string filtering : remove semi-colon and all invalid filenames and chars in paths sink : SQL query

input : direct user input in string filtering : remove semi-colon and all invalid filenames and chars in paths sink : SQL query

Command line args filtering : check if there is only numbers sink : SQL query

Command line args no filtering sink : SQL query

Hardcoded string input no filtering sink : SQL query

input : direct user input in string no filtering sink : SQL query

input : shell commands no filtering sink : SQL query

input : shell commands no filtering sink : SQL query

input : shell commands no filtering sink : SQL query

input : shell commands no filtering sink : SQL query

CWE: 89 SQL Injection BadSource: Property Read data from a system property GoodSource: A hardcoded string Sinks: executeUpdate GoodSink: Use prepared statement and executeUpdate (properly) BadSink : data concatenated into SQL statement used in executeUpdate(), which could result in SQL Injec...

CWE: 89 SQL Injection BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string Sinks: prepareStatement GoodSink: Use prepared statement and execute (properly) BadSink : data concatenated into SQL statement used...

CWE: 89 SQL Injection BadSource: getParameter_Servlet Read data from a querystring using getParameter() GoodSource: A hardcoded string Sinks: execute GoodSink: Use prepared statement and execute (properly) BadSink : data concatenated into SQL statement used in execute(), which could result i...

CWE: 89 SQL Injection BadSource: getCookies_Servlet Read data from the first cookie using getCookies() GoodSource: A hardcoded string Sinks: prepareStatement GoodSink: Use prepared statement and execute (properly) BadSink : data concatenated into SQL statement used in prepareStatement() call...

CWE: 89 SQL Injection BadSource: getCookies_Servlet Read data from the first cookie using getCookies() GoodSource: A hardcoded string Sinks: executeUpdate GoodSink: Use prepared statement and executeUpdate (properly) BadSink : data concatenated into SQL statement used in executeUpdate(), whi...

CWE: 89 SQL Injection BadSource: getCookies_Servlet Read data from the first cookie using getCookies() GoodSource: A hardcoded string Sinks: executeBatch GoodSink: Use prepared statement and executeBatch (properly) BadSink : data concatenated into SQL statement used in executeBatch(), which ...

CWE: 89 SQL Injection BadSource: database Read data from a database GoodSource: A hardcoded string Sinks: executeUpdate GoodSink: Use prepared statement and executeUpdate (properly) BadSink : data concatenated into SQL statement used in executeUpdate(), which could result in SQL Injection F...

CWE: 89 SQL Injection BadSource: database Read data from a database GoodSource: A hardcoded string Sinks: executeQuery GoodSink: Use prepared statement and executeQuery (properly) BadSink : data concatenated into SQL statement used in executeQuery(), which could result in SQL Injection Flow...