Safe sample input : backticks interpretation, reading the file /tmp/tainted.txt sanitize : use of ternary condition construction : right verification

Safe sample input : backticks interpretation, reading the file /tmp/tainted.txt sanitize : use of ternary condition construction : interpretation with simple quote

Safe sample input : backticks interpretation, reading the file /tmp/tainted.txt sanitize : cast into int construction : prepared query and right verification

Unsafe sample input : backticks interpretation, reading the file /tmp/tainted.txt sanitize : cast into int construction : prepared query and no right verification

Safe sample input : backticks interpretation, reading the file /tmp/tainted.txt sanitize : cast into int construction : right verification

Unsafe sample input : backticks interpretation, reading the file /tmp/tainted.txt sanitize : cast into int construction : interpretation with simple quote

CWE: 566 Authorization Bypass through SQL primary BadSource: user id taken from url parameter GoodSource: hardcoded user id Sinks: writeConsole BadSink : user authorization not checked Flow Variant: 81 Data flow: data passed in a parameter to an abstract method

CWE: 566 Authorization Bypass through SQL primary BadSource: user id taken from url parameter GoodSource: hardcoded user id Sinks: writeConsole BadSink : user authorization not checked Flow Variant: 75 Data flow: data passed in a serialized object from one method to another in different sou...

CWE: 566 Authorization Bypass through SQL primary BadSource: user id taken from url parameter GoodSource: hardcoded user id Sinks: writeConsole BadSink : user authorization not checked Flow Variant: 74 Data flow: data passed in a HashMap from one method to another in different source files ...

CWE: 566 Authorization Bypass through SQL primary BadSource: user id taken from url parameter GoodSource: hardcoded user id Sinks: writeConsole BadSink : user authorization not checked Flow Variant: 73 Data flow: data passed in a LinkedList from one method to another in different source fil...

CWE: 566 Authorization Bypass through SQL primary BadSource: user id taken from url parameter GoodSource: hardcoded user id Sinks: writeConsole BadSink : user authorization not checked Flow Variant: 72 Data flow: data passed in a Vector from one method to another in different source files i...

CWE: 566 Authorization Bypass through SQL primary BadSource: user id taken from url parameter GoodSource: hardcoded user id Sinks: writeConsole BadSink : user authorization not checked Flow Variant: 71 Data flow: data passed as an Object reference argument from one method to another in diff...

CWE: 566 Authorization Bypass through SQL primary BadSource: user id taken from url parameter GoodSource: hardcoded user id BadSink: writeConsole user authorization not checked Flow Variant: 68 Data flow: data passed as a member variable in the a class, which is used by a method in another c...

CWE: 566 Authorization Bypass through SQL primary BadSource: user id taken from url parameter GoodSource: hardcoded user id Sinks: writeConsole BadSink : user authorization not checked Flow Variant: 67 Data flow: data passed in a class from one method to another in different source files in...

CWE: 566 Authorization Bypass through SQL primary BadSource: user id taken from url parameter GoodSource: hardcoded user id Sinks: writeConsole BadSink : user authorization not checked Flow Variant: 66 Data flow: data passed in an array from one method to another in different source files i...

CWE: 566 Authorization Bypass through SQL primary BadSource: user id taken from url parameter GoodSource: hardcoded user id Sinks: writeConsole BadSink : user authorization not checked Flow Variant: 61 Data flow: data returned from one method to another in different classes in the same package

CWE: 566 Authorization Bypass through SQL primary BadSource: user id taken from url parameter GoodSource: hardcoded user id Sinks: writeConsole BadSink : user authorization not checked Flow Variant: 54 Data flow: data passed as an argument from one method through three others to a fifth; al...

CWE: 566 Authorization Bypass through SQL primary BadSource: user id taken from url parameter GoodSource: hardcoded user id Sinks: writeConsole BadSink : user authorization not checked Flow Variant: 53 Data flow: data passed as an argument from one method through two others to a fourth; all...

CWE: 566 Authorization Bypass through SQL primary BadSource: user id taken from url parameter GoodSource: hardcoded user id Sinks: writeConsole BadSink : user authorization not checked Flow Variant: 52 Data flow: data passed as an argument from one method to another to another in three diff...

CWE: 566 Authorization Bypass through SQL primary BadSource: user id taken from url parameter GoodSource: hardcoded user id BadSink: writeConsole user authorization not checked Flow Variant: 51 Data flow: data passed as an argument from one function to another in different classes in the sam...

CWE: 566 Authorization Bypass through SQL primary BadSource: user id taken from url parameter GoodSource: hardcoded user id Sinks: writeConsole BadSink : user authorization not checked Flow Variant: 45 Data flow: data passed as a private class member variable from one function to another in...

CWE: 566 Authorization Bypass through SQL primary BadSource: user id taken from url parameter GoodSource: hardcoded user id BadSink: writeConsole user authorization not checked Flow Variant: 42 Data flow: data returned from one method to another in the same class

CWE: 566 Authorization Bypass through SQL primary BadSource: user id taken from url parameter GoodSource: hardcoded user id BadSink: writeConsole user authorization not checked Flow Variant: 41 Data flow: data passed as an argument from one method to another in the same class

CWE: 566 Authorization Bypass through SQL primary BadSource: user id taken from url parameter GoodSource: hardcoded user id Sinks: writeConsole BadSink : user authorization not checked Flow Variant: 31 Data flow: make a copy of data within the same method

CWE: 566 Authorization Bypass through SQL primary BadSource: user id taken from url parameter GoodSource: hardcoded user id Sinks: writeConsole BadSink : user authorization not checked Flow Variant: 22 Control flow: Flow controlled by value of a public static variable. Sink functions are in...