Test cases - NIST Software Assurance Reference Dataset

Displaying test cases 1401 - 1425 of 113211 in total

CWE-89

146973-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: File Read data from file (named c:\data.txt) GoodSource: A hardcoded string Sinks: executeUpdate GoodSink: Use prepared statement and executeUpdate (properly) BadSink : data concatenated into SQL statement used in executeUpdate(), which could result in SQL In...
CWE-89

146972-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: File Read data from file (named c:\data.txt) GoodSource: A hardcoded string Sinks: executeUpdate GoodSink: Use prepared statement and executeUpdate (properly) BadSink : data concatenated into SQL statement used in executeUpdate(), which could result in SQL In...
CWE-89

146971-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: File Read data from file (named c:\data.txt) GoodSource: A hardcoded string Sinks: executeUpdate GoodSink: Use prepared statement and executeUpdate (properly) BadSink : data concatenated into SQL statement used in executeUpdate(), which could result in SQL In...
CWE-89

146970-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: File Read data from file (named c:\data.txt) GoodSource: A hardcoded string Sinks: executeUpdate GoodSink: Use prepared statement and executeUpdate (properly) BadSink : data concatenated into SQL statement used in executeUpdate(), which could result in SQL In...
CWE-89

146969-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: File Read data from file (named c:\data.txt) GoodSource: A hardcoded string Sinks: executeUpdate GoodSink: Use prepared statement and executeUpdate (properly) BadSink : data concatenated into SQL statement used in executeUpdate(), which could result in SQL In...
CWE-89

146968-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: File Read data from file (named c:\data.txt) GoodSource: A hardcoded string Sinks: executeUpdate GoodSink: Use prepared statement and executeUpdate (properly) BadSink : data concatenated into SQL statement used in executeUpdate(), which could result in SQL In...
CWE-89

146967-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: File Read data from file (named c:\data.txt) GoodSource: A hardcoded string Sinks: executeUpdate GoodSink: Use prepared statement and executeUpdate (properly) BadSink : data concatenated into SQL statement used in executeUpdate(), which could result in SQL In...
CWE-89

146966-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: File Read data from file (named c:\data.txt) GoodSource: A hardcoded string Sinks: executeUpdate GoodSink: Use prepared statement and executeUpdate (properly) BadSink : data concatenated into SQL statement used in executeUpdate(), which could result in SQL In...
CWE-89

146965-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: File Read data from file (named c:\data.txt) GoodSource: A hardcoded string Sinks: executeUpdate GoodSink: Use prepared statement and executeUpdate (properly) BadSink : data concatenated into SQL statement used in executeUpdate(), which could result in SQL In...
CWE-89

146964-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: File Read data from file (named c:\data.txt) GoodSource: A hardcoded string Sinks: executeUpdate GoodSink: Use prepared statement and executeUpdate (properly) BadSink : data concatenated into SQL statement used in executeUpdate(), which could result in SQL In...
CWE-89

146963-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: File Read data from file (named c:\data.txt) GoodSource: A hardcoded string Sinks: executeUpdate GoodSink: Use prepared statement and executeUpdate (properly) BadSink : data concatenated into SQL statement used in executeUpdate(), which could result in SQL In...
CWE-89

146962-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: File Read data from file (named c:\data.txt) GoodSource: A hardcoded string Sinks: executeUpdate GoodSink: Use prepared statement and executeUpdate (properly) BadSink : data concatenated into SQL statement used in executeUpdate(), which could result in SQL In...
CWE-89

146961-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: File Read data from file (named c:\data.txt) GoodSource: A hardcoded string Sinks: executeUpdate GoodSink: Use prepared statement and executeUpdate (properly) BadSink : data concatenated into SQL statement used in executeUpdate(), which could result in SQL In...
CWE-89

146960-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: File Read data from file (named c:\data.txt) GoodSource: A hardcoded string Sinks: executeUpdate GoodSink: Use prepared statement and executeUpdate (properly) BadSink : data concatenated into SQL statement used in executeUpdate(), which could result in SQL In...
CWE-89

146959-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: File Read data from file (named c:\data.txt) GoodSource: A hardcoded string Sinks: executeUpdate GoodSink: Use prepared statement and executeUpdate (properly) BadSink : data concatenated into SQL statement used in executeUpdate(), which could result in SQL In...
CWE-89

146958-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: File Read data from file (named c:\data.txt) GoodSource: A hardcoded string Sinks: executeUpdate GoodSink: Use prepared statement and executeUpdate (properly) BadSink : data concatenated into SQL statement used in executeUpdate(), which could result in SQL In...
CWE-89

146957-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: File Read data from file (named c:\data.txt) GoodSource: A hardcoded string Sinks: executeUpdate GoodSink: Use prepared statement and executeUpdate (properly) BadSink : data concatenated into SQL statement used in executeUpdate(), which could result in SQL In...
CWE-89

146956-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: File Read data from file (named c:\data.txt) GoodSource: A hardcoded string Sinks: executeUpdate GoodSink: Use prepared statement and executeUpdate (properly) BadSink : data concatenated into SQL statement used in executeUpdate(), which could result in SQL In...
CWE-89

146955-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: File Read data from file (named c:\data.txt) GoodSource: A hardcoded string Sinks: executeUpdate GoodSink: Use prepared statement and executeUpdate (properly) BadSink : data concatenated into SQL statement used in executeUpdate(), which could result in SQL In...
CWE-89

146954-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: File Read data from file (named c:\data.txt) GoodSource: A hardcoded string Sinks: executeUpdate GoodSink: Use prepared statement and executeUpdate (properly) BadSink : data concatenated into SQL statement used in executeUpdate(), which could result in SQL In...
CWE-89

146953-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: File Read data from file (named c:\data.txt) GoodSource: A hardcoded string Sinks: executeQuery GoodSink: Use prepared statement and executeQuery (properly) BadSink : data concatenated into SQL statement used in executeQuery(), which could result in SQL Injec...
CWE-89

146952-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: File Read data from file (named c:\data.txt) GoodSource: A hardcoded string Sinks: executeQuery GoodSink: Use prepared statement and executeQuery (properly) BadSink : data concatenated into SQL statement used in executeQuery(), which could result in SQL Injec...
CWE-89

146951-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: File Read data from file (named c:\data.txt) GoodSource: A hardcoded string Sinks: executeQuery GoodSink: Use prepared statement and executeQuery (properly) BadSink : data concatenated into SQL statement used in executeQuery(), which could result in SQL Injec...
CWE-89

146950-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: File Read data from file (named c:\data.txt) GoodSource: A hardcoded string Sinks: executeQuery GoodSink: Use prepared statement and executeQuery (properly) BadSink : data concatenated into SQL statement used in executeQuery(), which could result in SQL Injec...
CWE-89

146949-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: File Read data from file (named c:\data.txt) GoodSource: A hardcoded string Sinks: executeQuery GoodSink: Use prepared statement and executeQuery (properly) BadSink : data concatenated into SQL statement used in executeQuery(), which could result in SQL Injec...

Results per page