Test cases - NIST Software Assurance Reference Dataset

SARD home

Test Cases Test Suites Documentation

Displaying test cases 111176 - 111200 of 113211 in total

Go to page

First Prev … 4446 4447 4448 4449 4450 … Next Last

CWE-89

264904-v1.0.0

Added 3 years ago

candidate

bad

Source: filter_input_array_prm__<c>(INPUT_GET)_<array>(<ae_k>(<s>(t),<c>(FILTER_SANITIZE_ADD_SLASHES))) Sanitization: str_getcsv_prm_ Dataflow: assignment Context: sql_plain Sink: sqlite3_query_prm__<$>(db)
CWE-89

264902-v1.0.0

Added 3 years ago

candidate

good

Source: filter_input_array_prm__<c>(INPUT_GET)_<array>(<ae_k>(<s>(t),<c>(FILTER_SANITIZE_NUMBER_INT))) Sanitization: htmlspecialchars_prm__<c>(ENT_NOQUOTES) Dataflow: assignment Context: sql_quotes Sink: mssql_sqlsrv_prepare_prm__<$>(db)
CWE-89

264896-v1.0.0

Added 3 years ago

candidate

good

Source: filter_input_array_prm__<c>(INPUT_GET)_<array>(<ae_k>(<s>(t),<c>(FILTER_SANITIZE_ADD_SLASHES))) Sanitization: gzcompress_prm_ Dataflow: assignment Context: sql_apostrophe Sink: pg_query_prm__<$>(db)
CWE-89

264883-v1.0.0

Added 3 years ago

candidate

good

Source: filter_input_array_prm__<c>(INPUT_GET)_<array>(<ae_k>(<s>(t),<c>(FILTER_SANITIZE_NUMBER_FLOAT))) Sanitization: cast_prm__TYPE_LONG Dataflow: assignment Context: sql_apostrophe Sink: mysqli_real_query_method_prm__<$>(db)
CWE-89

264872-v1.0.0

Added 3 years ago

candidate

good

Source: filter_input_array_prm__<c>(INPUT_GET)_<array>(<ae_k>(<s>(t),<c>(FILTER_SANITIZE_URL))) Sanitization: filter_var_prm__<c>(FILTER_SANITIZE_SPECIAL_CHARS) Dataflow: assignment Context: sql_quotes Sink: sqlite3_query_prm__<$>(db)
CWE-89

264871-v1.0.0

Added 3 years ago

candidate

good

Source: filter_input_array_prm__<c>(INPUT_GET)_<array>(<ae_k>(<s>(t),<c>(FILTER_SANITIZE_FULL_SPECIAL_CHARS))) Sanitization: metaphone_prm__<i>(9) Dataflow: assignment Context: sql_quotes Sink: pdo_query_prm__<$>(pdo)
CWE-89

264870-v1.0.0

Added 3 years ago

candidate

bad

Source: filter_input_array_prm__<c>(INPUT_GET)_<array>(<ae_k>(<s>(t),<c>(FILTER_SANITIZE_SPECIAL_CHARS))) Sanitization: preg_replace_prm__<s>(_'_)_<s>() Dataflow: assignment Context: sql_plain Sink: mysqli_prepare_prm__<$>(db)
CWE-89

264869-v1.0.0

Added 3 years ago

candidate

bad

Source: filter_input_array_prm__<c>(INPUT_GET)_<array>(<ae_k>(<s>(t),<c>(FILTER_SANITIZE_EMAIL))) Sanitization: settype_prm__<s>(string) Dataflow: assignment Context: sql_plain Sink: pg_query_prm__<$>(db)
CWE-89

264856-v1.0.0

Added 3 years ago

candidate

good

Source: filter_input_array_prm__<c>(INPUT_GET)_<array>(<ae_k>(<s>(t),<c>(FILTER_UNSAFE_RAW))) Sanitization: gzencode_prm__<i>(9) Dataflow: assignment Context: sql_plain Sink: sqlsrv_query_prm__<$>(db)
CWE-89

264845-v1.0.0

Added 3 years ago

candidate

good

Source: filter_input_array_prm__<c>(INPUT_GET)_<array>(<ae_k>(<s>(t),<c>(FILTER_SANITIZE_NUMBER_FLOAT))) Sanitization: htmlentities_1 Dataflow: assignment Context: sql_apostrophe Sink: sqlsrv_query_prm__<$>(db)
CWE-89

264842-v1.0.0

Added 3 years ago

candidate

good

Source: filter_input_array_prm__<c>(INPUT_GET)_<array>(<ae_k>(<s>(t),<c>(FILTER_SANITIZE_NUMBER_INT))) Sanitization: filter_var_prm__<c>(FILTER_SANITIZE_ADD_SLASHES) Dataflow: assignment Context: sql_quotes Sink: pdo_prepare_prm__<$>(pdo)
CWE-89

264838-v1.0.0

Added 3 years ago

candidate

good

Source: filter_input_array_prm__<c>(INPUT_GET)_<array>(<ae_k>(<s>(t),<c>(FILTER_SANITIZE_NUMBER_FLOAT))) Sanitization: ctype_alpha Dataflow: assignment Context: sql_apostrophe Sink: mssql_sqlsrv_prepare_prm__<$>(db)
CWE-89

264835-v1.0.0

Added 3 years ago

candidate

good

Source: filter_input_array_prm__<c>(INPUT_GET)_<array>(<ae_k>(<s>(t),<c>(FILTER_SANITIZE_FULL_SPECIAL_CHARS))) Sanitization: is_long Dataflow: assignment Context: sql_quotes Sink: mysqli_real_query_prm__<$>(db)
CWE-89

264834-v1.0.0

Added 3 years ago

candidate

good

Source: filter_input_array_prm__<c>(INPUT_GET)_<array>(<ae_k>(<s>(t),<c>(FILTER_SANITIZE_NUMBER_FLOAT))) Sanitization: filter_var_prm__<c>(FILTER_SANITIZE_NUMBER_FLOAT) Dataflow: assignment Context: sql_apostrophe Sink: db2_exec_prm__<$>(db)
CWE-89

264832-v1.0.0

Added 3 years ago

candidate

good

Source: filter_input_array_prm__<c>(INPUT_GET)_<array>(<ae_k>(<s>(t),<c>(FILTER_SANITIZE_URL))) Sanitization: cast_sortof_prm__<i>(0.0) Dataflow: assignment Context: sql_apostrophe Sink: mysqli_multi_query_prm__<$>(db)
CWE-89

264825-v1.0.0

Added 3 years ago

candidate

good

Source: filter_input_array_prm__<c>(INPUT_GET)_<array>(<ae_k>(<s>(t),<c>(FILTER_SANITIZE_NUMBER_FLOAT))) Sanitization: strripos_prm__<s>(needle) Dataflow: assignment Context: sql_plain Sink: mssql_sqlsrv_prepare_prm__<$>(db)
CWE-89

264824-v1.0.0

Added 3 years ago

candidate

good

Source: filter_input_array_prm__<c>(INPUT_GET)_<array>(<ae_k>(<s>(t),<c>(FILTER_SANITIZE_EMAIL))) Sanitization: cast_sortof_prm__<i>(0.0) Dataflow: assignment Context: sql_quotes Sink: mysqli_prepare_prm__<$>(db)
CWE-89

264821-v1.0.0

Added 3 years ago

candidate

good

Source: filter_input_array_prm__<c>(INPUT_GET)_<array>(<ae_k>(<s>(t),<c>(FILTER_SANITIZE_NUMBER_FLOAT))) Sanitization: str_replace_prm__<s>(')_<s>('''') Dataflow: assignment Context: sql_plain Sink: pg_query_prm__<$>(db)
CWE-89

264809-v1.0.0

Added 3 years ago

candidate

bad

Source: filter_input_array_prm__<c>(INPUT_GET)_<array>(<ae_k>(<s>(t),<c>(FILTER_SANITIZE_FULL_SPECIAL_CHARS))) Sanitization: addcslashes_prm__<s>(;:'") Dataflow: assignment Context: sql_plain Sink: db2_exec_prm__<$>(db)
CWE-89

264805-v1.0.0

Added 3 years ago

candidate

good

Source: filter_input_prm__<c>(INPUT_GET)_<s>(t)_<c>(FILTER_SANITIZE_URL) Sanitization: filter_var_prm__<c>(FILTER_SANITIZE_ADD_SLASHES) Dataflow: assignment Context: sql_quotes Sink: pdo_prepare_prm__<$>(pdo)
CWE-89

264802-v1.0.0

Added 3 years ago

candidate

good

Source: filter_input_array_prm__<c>(INPUT_GET)_<array>(<ae_k>(<s>(t),<c>(FILTER_SANITIZE_SPECIAL_CHARS))) Sanitization: gettype_check_prm__<s>(double) Dataflow: assignment Context: sql_apostrophe Sink: db2_exec_prm__<$>(db)
CWE-89

264799-v1.0.0

Added 3 years ago

candidate

good

Source: filter_input_array_prm__<c>(INPUT_GET)_<array>(<ae_k>(<s>(t),<c>(FILTER_SANITIZE_ADD_SLASHES))) Sanitization: str_replace_prm__<array>(<ae>(<s>(")), <ae>(<s>(')), <ae>(<s>(\<)) , <ae>(<s>(\>)))_<s>() Dataflow: assignment Context: sql_apostrophe Sink: mysqli_multi_query_prm__<$>(db)
CWE-89

264797-v1.0.0

Added 3 years ago

candidate

good

Source: filter_input_array_prm__<c>(INPUT_GET)_<array>(<ae_k>(<s>(t),<c>(FILTER_UNSAFE_RAW))) Sanitization: strspn_prm__<s>(needle) Dataflow: assignment Context: sql_plain Sink: mysqli_real_query_method_prm__<$>(db)
CWE-89

264795-v1.0.0

Added 3 years ago

candidate

good

Source: filter_input_array_prm__<c>(INPUT_GET)_<array>(<ae_k>(<s>(t),<c>(FILTER_SANITIZE_ADD_SLASHES))) Sanitization: password_hash_prm__<c>(PASSWORD_DEFAULT) Dataflow: assignment Context: sql_quotes Sink: mysqli_prepare_prm__<$>(db)
CWE-89

264783-v1.0.0

Added 3 years ago

candidate

good

Source: filter_input_array_prm__<c>(INPUT_GET)_<array>(<ae_k>(<s>(t),<c>(FILTER_SANITIZE_NUMBER_INT))) Sanitization: settype_prm__<s>(string) Dataflow: assignment Context: sql_apostrophe Sink: pg_send_query_prm__<$>(db)

Results per page

First Prev … 4446 4447 4448 4449 4450 … Next Last

Site Privacy
Accessibility
Privacy Program
Copyrights
Vulnerability Disclosure
No Fear Act Policy
FOIA
Environmental Policy
Scientific Integrity
Information Quality Standards
Commerce.gov
Science.gov
USA.gov
Vote.gov