Command line args filtering : check if there is only numbers sink : SQL query

Command line args Xpath replace char sink : SQL query

input : direct user input in string Xpath replace char sink : SQL query

input : direct user input in string Xpath replace char sink : SQL query

input : shell commands Xpath replace char sink : SQL query

Command line args filtering : remove all '\', '*', '(', ')', 'u0000', '/' in parameter sink : SQL query

Command line args filtering : remove semi-colon and all invalid filenames and chars in paths sink : SQL query

input : direct user input in string filtering : remove semi-colon and all invalid filenames and chars in paths sink : SQL query

input : direct user input in string no filtering sink : SQL query

input : shell commands no filtering sink : SQL query

input : direct user input in string Xpath replace char construction : concatenation with simple quote

input : shell commands Xpath replace char construction : concatenation with simple quote

Command line args filtering : remove all '\', '*', '(', ')', 'u0000', '/' in parameter construction : concatenation with simple quote

Command line args filtering : remove all '\', '*', '(', ')', 'u0000', '/' in parameter construction : concatenation with simple quote

Hardcoded string input filtering : remove all '\', '*', '(', ')', 'u0000', '/' in parameter construction : concatenation with simple quote

Hardcoded string input filtering : remove semi-colon and all invalid filenames and chars in paths construction : concatenation with simple quote

input : direct user input in string filtering : remove semi-colon and all invalid filenames and chars in paths construction : concatenation with simple quote

Command line args filtering : check if there is only numbers construction : concatenation with simple quote

input : shell commands no filtering construction : concatenation with simple quote

Using Hibernate to execute a dynamic SQL statement with built-in user-controlled input can allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands. Metadata -Base program: Apache POI - Source Taint: SOCKET - Data Type: simple - Data Flow: address_as_function_retu...

CWE: 89 SQL Injection BadSource: Property Read data from a system property GoodSource: A hardcoded string Sinks: executeUpdate GoodSink: Use prepared statement and executeUpdate (properly) BadSink : data concatenated into SQL statement used in executeUpdate(), which could result in SQL Injec...

CWE: 89 SQL Injection BadSource: Property Read data from a system property GoodSource: A hardcoded string Sinks: executeUpdate GoodSink: Use prepared statement and executeUpdate (properly) BadSink : data concatenated into SQL statement used in executeUpdate(), which could result in SQL Injec...

CWE: 89 SQL Injection BadSource: Property Read data from a system property GoodSource: A hardcoded string Sinks: executeUpdate GoodSink: Use prepared statement and executeUpdate (properly) BadSink : data concatenated into SQL statement used in executeUpdate(), which could result in SQL Injec...

CWE: 89 SQL Injection BadSource: listen_tcp Read data using a listening tcp connection GoodSource: A hardcoded string Sinks: prepareStatement GoodSink: Use prepared statement and execute (properly) BadSink : data concatenated into SQL statement used in prepareStatement() call, which could re...

CWE: 89 SQL Injection BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string Sinks: prepareStatement GoodSink: Use prepared statement and execute (properly) BadSink : data concatenated into SQL statement used...