Test cases - NIST Software Assurance Reference Dataset

SARD home

Test Cases Test Suites Documentation

Displaying test cases 107276 - 107300 of 113211 in total

Go to page

First Prev … 4290 4291 4292 4293 4294 … Next Last

CWE-89

304042-v1.0.0

Added 4 years ago

candidate

good

Source: filter_input_array_prm__<c>(INPUT_GET)_<array>(<ae_k>(<s>(t),<c>(FILTER_SANITIZE_FULL_SPECIAL_CHARS))) Sanitization: settype_prm__<s>(bool) Dataflow: assignment Context: sql_apostrophe Sink: pdo_query_prm__<$>(pdo)
CWE-89

303911-v1.0.0

Added 4 years ago

candidate

good

Source: filter_input_array_prm__<c>(INPUT_GET)_<array>(<ae_k>(<s>(t),<c>(FILTER_SANITIZE_NUMBER_INT))) Sanitization: gzencode_prm__<i>(9) Dataflow: assignment Context: sql_plain Sink: mysqli_multi_query_prm__<$>(db)
CWE-89

298532-v1.0.0

Added 4 years ago

candidate

good

Source: filter_input_array_prm__<c>(INPUT_GET)_<array>(<ae_k>(<s>(t),<c>(FILTER_SANITIZE_NUMBER_FLOAT))) Sanitization: preg_replace_prm__<s>(_'_)_<s>() Dataflow: assignment Context: sql_quotes Sink: mysqli_real_query_method_prm__<$>(db)
CWE-89

298246-v1.0.0

Added 4 years ago

candidate

bad

Source: filter_input_array_prm__<c>(INPUT_GET)_<array>(<ae_k>(<s>(t),<c>(FILTER_SANITIZE_URL))) Sanitization: preg_replace_prm__<s>(_'_)_<s>() Dataflow: assignment Context: sql_plain Sink: mysqli_prepare_prm__<$>(db)
CWE-89

295957-v1.0.0

Added 4 years ago

candidate

good

Source: filter_input_array_prm__<c>(INPUT_GET)_<array>(<ae_k>(<s>(t),<c>(FILTER_SANITIZE_SPECIAL_CHARS))) Sanitization: http_build_query_prm_ Dataflow: assignment Context: sql_apostrophe Sink: pdo_query_prm__<$>(pdo)
CWE-89

292758-v1.0.0

Added 4 years ago

candidate

good

Source: filter_input_array_prm__<c>(INPUT_GET)_<array>(<ae_k>(<s>(t),<c>(FILTER_SANITIZE_URL))) Sanitization: sscanf_prm__<s>(foo %d) Dataflow: assignment Context: sql_plain Sink: sqlsrv_query_prm__<$>(db)
CWE-89

285142-v1.0.0

Added 4 years ago

candidate

good

Source: filter_input_array_prm__<c>(INPUT_GET)_<array>(<ae_k>(<s>(t),<c>(FILTER_SANITIZE_NUMBER_INT))) Sanitization: is_real Dataflow: assignment Context: sql_plain Sink: pdo_prepare_prm__<$>(pdo)
CWE-89

283940-v1.0.0

Added 4 years ago

candidate

good

Source: filter_input_array_prm__<c>(INPUT_GET)_<array>(<ae_k>(<s>(t),<c>(FILTER_SANITIZE_URL))) Sanitization: cast_prm__TYPE_DOUBLE Dataflow: assignment Context: sql_plain Sink: pg_send_query_prm__<$>(db)
CWE-89

279966-v1.0.0

Added 4 years ago

candidate

good

Source: filter_input_prm__<c>(INPUT_GET)_<s>(t)_<c>(FILTER_SANITIZE_NUMBER_INT) Sanitization: in_array_prm__<$>(legal)_<true>() Dataflow: assignment Context: sql_apostrophe Sink: pdo_prepare_prm__<$>(pdo)
CWE-89

279367-v1.0.0

Added 4 years ago

candidate

good

Source: filter_input_array_prm__<c>(INPUT_GET)_<array>(<ae_k>(<s>(t),<c>(FILTER_SANITIZE_FULL_SPECIAL_CHARS))) Sanitization: substr_count_prm__<s>(needle) Dataflow: assignment Context: sql_apostrophe Sink: mssql_sqlsrv_prepare_prm__<$>(db)
CWE-89

277492-v1.0.0

Added 4 years ago

candidate

bad

Source: filter_input_prm__<c>(INPUT_GET)_<s>(t)_<c>(FILTER_SANITIZE_EMAIL) Sanitization: filter_var_prm__<c>(FILTER_SANITIZE_EMAIL) Dataflow: assignment Context: sql_apostrophe Sink: mssql_sqlsrv_prepare_prm__<$>(db)
CWE-89

274882-v1.0.0

Added 4 years ago

candidate

bad

Source: filter_input_array_prm__<c>(INPUT_GET)_<array>(<ae_k>(<s>(t),<c>(FILTER_SANITIZE_ADD_SLASHES))) Sanitization: strstr_prm__<s>(1) Dataflow: assignment Context: sql_plain Sink: mysqli_real_query_method_prm__<$>(db)
CWE-89

273447-v1.0.0

Added 4 years ago

candidate

good

Source: filter_input_array_prm__<c>(INPUT_GET)_<array>(<ae_k>(<s>(t),<c>(FILTER_SANITIZE_FULL_SPECIAL_CHARS))) Sanitization: gettype_check_prm__<s>(double) Dataflow: assignment Context: sql_apostrophe Sink: db2_prepare_prm__<$>(db)
CWE-89

269691-v1.0.0

Added 4 years ago

candidate

good

Source: filter_input_array_prm__<c>(INPUT_GET)_<array>(<ae_k>(<s>(t),<c>(FILTER_SANITIZE_NUMBER_INT))) Sanitization: is_float Dataflow: assignment Context: sql_apostrophe Sink: pdo_prepare_prm__<$>(pdo)
CWE-89

269192-v1.0.0

Added 4 years ago

candidate

good

Source: filter_input_array_prm__<c>(INPUT_GET)_<array>(<ae_k>(<s>(t),<c>(FILTER_SANITIZE_ADD_SLASHES))) Sanitization: json_encode_prm__<c>(ENT_COMPAT) Dataflow: assignment Context: sql_plain Sink: mysqli_prepare_prm__<$>(db)
CWE-89

268280-v1.0.0

Added 4 years ago

candidate

good

Source: filter_input_array_prm__<c>(INPUT_GET)_<array>(<ae_k>(<s>(t),<c>(FILTER_SANITIZE_NUMBER_INT))) Sanitization: fnmatch_prm__<s>(*)_<i>(0) Dataflow: assignment Context: sql_apostrophe Sink: sqlite3_query_prm__<$>(db)
CWE-89

267369-v1.0.0

Added 4 years ago

candidate

bad

Source: filter_input_array_prm__<c>(INPUT_GET)_<array>(<ae_k>(<s>(t),<c>(FILTER_SANITIZE_FULL_SPECIAL_CHARS))) Sanitization: http_build_query_prm_ Dataflow: assignment Context: sql_plain Sink: sqlite3_query_prm__<$>(db)
CWE-89

266233-v1.0.0

Added 4 years ago

candidate

good

Source: filter_input_prm__<c>(INPUT_GET)_<s>(t)_<c>(FILTER_SANITIZE_FULL_SPECIAL_CHARS) Sanitization: filter_var_prm__<c>(FILTER_SANITIZE_URL) Dataflow: assignment Context: sql_quotes Sink: pdo_query_prm__<$>(pdo)
CWE-89

264401-v1.0.0

Added 4 years ago

candidate

good

Source: filter_input_array_prm__<c>(INPUT_GET)_<array>(<ae_k>(<s>(t),<c>(FILTER_SANITIZE_NUMBER_INT))) Sanitization: htmlentities_prm__<c>(ENT_COMPAT) Dataflow: assignment Context: sql_plain Sink: mysqli_multi_query_method_prm__<$>(db)
CWE-89

262769-v1.0.0

Added 4 years ago

candidate

bad

Source: filter_input_array_prm__<c>(INPUT_GET)_<array>(<ae_k>(<s>(t),<c>(FILTER_SANITIZE_FULL_SPECIAL_CHARS))) Sanitization: htmlspecialchars_prm__<c>(ENT_NOQUOTES) Dataflow: assignment Context: sql_plain Sink: pg_send_query_prm__<$>(db)
CWE-89

262661-v1.0.0

Added 4 years ago

candidate

good

Source: filter_input_array_prm__<c>(INPUT_GET)_<array>(<ae_k>(<s>(t),<c>(FILTER_SANITIZE_NUMBER_FLOAT))) Sanitization: filter_var_prm__<c>(FILTER_SANITIZE_URL) Dataflow: assignment Context: sql_apostrophe Sink: mysqli_real_query_method_prm__<$>(db)
CWE-89

262430-v1.0.0

Added 4 years ago

candidate

bad

Source: filter_input_prm__<c>(INPUT_GET)_<s>(t)_<c>(FILTER_SANITIZE_URL) Sanitization: filter_var_prm__<c>(FILTER_SANITIZE_URL) Dataflow: assignment Context: sql_plain Sink: pg_send_query_prm__<$>(db)
CWE-89

260307-v1.0.0

Added 4 years ago

candidate

good

Source: filter_input_array_prm__<c>(INPUT_GET)_<array>(<ae_k>(<s>(t),<c>(FILTER_SANITIZE_NUMBER_INT))) Sanitization: is_float Dataflow: assignment Context: sql_plain Sink: db2_exec_prm__<$>(db)
CWE-89

258982-v1.0.0

Added 4 years ago

candidate

good

Source: filter_input_array_prm__<c>(INPUT_GET)_<array>(<ae_k>(<s>(t),<c>(FILTER_SANITIZE_SPECIAL_CHARS))) Sanitization: strpos_prm__<s>(needle) Dataflow: assignment Context: sql_apostrophe Sink: mysqli_prepare_prm__<$>(db)
CWE-89

257266-v1.0.0

Added 4 years ago

candidate

good

Source: filter_input_array_prm__<c>(INPUT_GET)_<array>(<ae_k>(<s>(t),<c>(FILTER_SANITIZE_NUMBER_INT))) Sanitization: is_string Dataflow: assignment Context: sql_quotes Sink: sqlsrv_query_prm__<$>(db)

Results per page

First Prev … 4290 4291 4292 4293 4294 … Next Last

Site Privacy
Accessibility
Privacy Program
Copyrights
Vulnerability Disclosure
No Fear Act Policy
FOIA
Environmental Policy
Scientific Integrity
Information Quality Standards
Commerce.gov
Science.gov
USA.gov
Vote.gov