Test cases - NIST Software Assurance Reference Dataset

Displaying test cases 76 - 100 of 113211 in total

CWE-89

148298-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: URLConnection Read data from a web server with URLConnection GoodSource: A hardcoded string Sinks: execute GoodSink: Use prepared statement and execute (properly) BadSink : data concatenated into SQL statement used in execute(), which could result in SQL Inje...
CWE-89

148297-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: URLConnection Read data from a web server with URLConnection GoodSource: A hardcoded string Sinks: execute GoodSink: Use prepared statement and execute (properly) BadSink : data concatenated into SQL statement used in execute(), which could result in SQL Inje...
CWE-89

148296-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: URLConnection Read data from a web server with URLConnection GoodSource: A hardcoded string Sinks: execute GoodSink: Use prepared statement and execute (properly) BadSink : data concatenated into SQL statement used in execute(), which could result in SQL Inje...
CWE-89

148295-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: URLConnection Read data from a web server with URLConnection GoodSource: A hardcoded string Sinks: execute GoodSink: Use prepared statement and execute (properly) BadSink : data concatenated into SQL statement used in execute(), which could result in SQL Inje...
CWE-89

148294-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: URLConnection Read data from a web server with URLConnection GoodSource: A hardcoded string Sinks: execute GoodSink: Use prepared statement and execute (properly) BadSink : data concatenated into SQL statement used in execute(), which could result in SQL Inje...
CWE-89

148293-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: URLConnection Read data from a web server with URLConnection GoodSource: A hardcoded string Sinks: execute GoodSink: Use prepared statement and execute (properly) BadSink : data concatenated into SQL statement used in execute(), which could result in SQL Inje...
CWE-89

148292-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: URLConnection Read data from a web server with URLConnection GoodSource: A hardcoded string Sinks: execute GoodSink: Use prepared statement and execute (properly) BadSink : data concatenated into SQL statement used in execute(), which could result in SQL Inje...
CWE-89

148291-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: URLConnection Read data from a web server with URLConnection GoodSource: A hardcoded string Sinks: execute GoodSink: Use prepared statement and execute (properly) BadSink : data concatenated into SQL statement used in execute(), which could result in SQL Inje...
CWE-89

148290-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: URLConnection Read data from a web server with URLConnection GoodSource: A hardcoded string Sinks: execute GoodSink: Use prepared statement and execute (properly) BadSink : data concatenated into SQL statement used in execute(), which could result in SQL Inje...
CWE-89

148289-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: URLConnection Read data from a web server with URLConnection GoodSource: A hardcoded string Sinks: execute GoodSink: Use prepared statement and execute (properly) BadSink : data concatenated into SQL statement used in execute(), which could result in SQL Inje...
CWE-89

148288-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: URLConnection Read data from a web server with URLConnection GoodSource: A hardcoded string Sinks: execute GoodSink: Use prepared statement and execute (properly) BadSink : data concatenated into SQL statement used in execute(), which could result in SQL Inje...
CWE-89

148287-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: URLConnection Read data from a web server with URLConnection GoodSource: A hardcoded string Sinks: execute GoodSink: Use prepared statement and execute (properly) BadSink : data concatenated into SQL statement used in execute(), which could result in SQL Inje...
CWE-89

148286-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: URLConnection Read data from a web server with URLConnection GoodSource: A hardcoded string Sinks: execute GoodSink: Use prepared statement and execute (properly) BadSink : data concatenated into SQL statement used in execute(), which could result in SQL Inje...
CWE-89

148285-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: URLConnection Read data from a web server with URLConnection GoodSource: A hardcoded string Sinks: executeUpdate GoodSink: Use prepared statement and executeUpdate (properly) BadSink : data concatenated into SQL statement used in executeUpdate(), which could ...
CWE-89

148284-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: URLConnection Read data from a web server with URLConnection GoodSource: A hardcoded string Sinks: executeUpdate GoodSink: Use prepared statement and executeUpdate (properly) BadSink : data concatenated into SQL statement used in executeUpdate(), which could ...
CWE-89

148283-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: URLConnection Read data from a web server with URLConnection GoodSource: A hardcoded string Sinks: executeUpdate GoodSink: Use prepared statement and executeUpdate (properly) BadSink : data concatenated into SQL statement used in executeUpdate(), which could ...
CWE-89

148282-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: URLConnection Read data from a web server with URLConnection GoodSource: A hardcoded string Sinks: executeUpdate GoodSink: Use prepared statement and executeUpdate (properly) BadSink : data concatenated into SQL statement used in executeUpdate(), which could ...
CWE-89

148281-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: URLConnection Read data from a web server with URLConnection GoodSource: A hardcoded string Sinks: executeUpdate GoodSink: Use prepared statement and executeUpdate (properly) BadSink : data concatenated into SQL statement used in executeUpdate(), which could ...
CWE-89

148280-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: URLConnection Read data from a web server with URLConnection GoodSource: A hardcoded string Sinks: executeUpdate GoodSink: Use prepared statement and executeUpdate (properly) BadSink : data concatenated into SQL statement used in executeUpdate(), which could ...
CWE-89

148279-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: URLConnection Read data from a web server with URLConnection GoodSource: A hardcoded string Sinks: executeUpdate GoodSink: Use prepared statement and executeUpdate (properly) BadSink : data concatenated into SQL statement used in executeUpdate(), which could ...
CWE-89

148278-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: URLConnection Read data from a web server with URLConnection GoodSource: A hardcoded string Sinks: executeUpdate GoodSink: Use prepared statement and executeUpdate (properly) BadSink : data concatenated into SQL statement used in executeUpdate(), which could ...
CWE-89

148277-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: URLConnection Read data from a web server with URLConnection GoodSource: A hardcoded string Sinks: executeUpdate GoodSink: Use prepared statement and executeUpdate (properly) BadSink : data concatenated into SQL statement used in executeUpdate(), which could ...
CWE-89

148276-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: URLConnection Read data from a web server with URLConnection GoodSource: A hardcoded string Sinks: executeUpdate GoodSink: Use prepared statement and executeUpdate (properly) BadSink : data concatenated into SQL statement used in executeUpdate(), which could ...
CWE-89

148275-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: URLConnection Read data from a web server with URLConnection GoodSource: A hardcoded string Sinks: executeUpdate GoodSink: Use prepared statement and executeUpdate (properly) BadSink : data concatenated into SQL statement used in executeUpdate(), which could ...
CWE-89

148274-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: URLConnection Read data from a web server with URLConnection GoodSource: A hardcoded string Sinks: executeUpdate GoodSink: Use prepared statement and executeUpdate (properly) BadSink : data concatenated into SQL statement used in executeUpdate(), which could ...

Results per page