Test cases - NIST Software Assurance Reference Dataset

Displaying test cases 126 - 150 of 113211 in total

CWE-89

148248-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: URLConnection Read data from a web server with URLConnection GoodSource: A hardcoded string Sinks: executeQuery GoodSink: Use prepared statement and executeQuery (properly) BadSink : data concatenated into SQL statement used in executeQuery(), which could res...
CWE-89

148247-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: URLConnection Read data from a web server with URLConnection GoodSource: A hardcoded string Sinks: executeQuery GoodSink: Use prepared statement and executeQuery (properly) BadSink : data concatenated into SQL statement used in executeQuery(), which could res...
CWE-89

148246-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: URLConnection Read data from a web server with URLConnection GoodSource: A hardcoded string Sinks: executeQuery GoodSink: Use prepared statement and executeQuery (properly) BadSink : data concatenated into SQL statement used in executeQuery(), which could res...
CWE-89

148245-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: URLConnection Read data from a web server with URLConnection GoodSource: A hardcoded string Sinks: executeQuery GoodSink: Use prepared statement and executeQuery (properly) BadSink : data concatenated into SQL statement used in executeQuery(), which could res...
CWE-89

148244-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: URLConnection Read data from a web server with URLConnection GoodSource: A hardcoded string Sinks: executeQuery GoodSink: Use prepared statement and executeQuery (properly) BadSink : data concatenated into SQL statement used in executeQuery(), which could res...
CWE-89

148243-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: URLConnection Read data from a web server with URLConnection GoodSource: A hardcoded string Sinks: executeQuery GoodSink: Use prepared statement and executeQuery (properly) BadSink : data concatenated into SQL statement used in executeQuery(), which could res...
CWE-89

148242-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: URLConnection Read data from a web server with URLConnection GoodSource: A hardcoded string Sinks: executeQuery GoodSink: Use prepared statement and executeQuery (properly) BadSink : data concatenated into SQL statement used in executeQuery(), which could res...
CWE-89

148241-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: URLConnection Read data from a web server with URLConnection GoodSource: A hardcoded string Sinks: executeQuery GoodSink: Use prepared statement and executeQuery (properly) BadSink : data concatenated into SQL statement used in executeQuery(), which could res...
CWE-89

148240-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: URLConnection Read data from a web server with URLConnection GoodSource: A hardcoded string Sinks: executeQuery GoodSink: Use prepared statement and executeQuery (properly) BadSink : data concatenated into SQL statement used in executeQuery(), which could res...
CWE-89

148239-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: URLConnection Read data from a web server with URLConnection GoodSource: A hardcoded string Sinks: executeQuery GoodSink: Use prepared statement and executeQuery (properly) BadSink : data concatenated into SQL statement used in executeQuery(), which could res...
CWE-89

148238-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: URLConnection Read data from a web server with URLConnection GoodSource: A hardcoded string Sinks: executeQuery GoodSink: Use prepared statement and executeQuery (properly) BadSink : data concatenated into SQL statement used in executeQuery(), which could res...
CWE-89

148237-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: URLConnection Read data from a web server with URLConnection GoodSource: A hardcoded string Sinks: executeQuery GoodSink: Use prepared statement and executeQuery (properly) BadSink : data concatenated into SQL statement used in executeQuery(), which could res...
CWE-89

148236-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: URLConnection Read data from a web server with URLConnection GoodSource: A hardcoded string Sinks: executeQuery GoodSink: Use prepared statement and executeQuery (properly) BadSink : data concatenated into SQL statement used in executeQuery(), which could res...
CWE-89

148235-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: URLConnection Read data from a web server with URLConnection GoodSource: A hardcoded string Sinks: executeQuery GoodSink: Use prepared statement and executeQuery (properly) BadSink : data concatenated into SQL statement used in executeQuery(), which could res...
CWE-89

148234-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: URLConnection Read data from a web server with URLConnection GoodSource: A hardcoded string Sinks: executeQuery GoodSink: Use prepared statement and executeQuery (properly) BadSink : data concatenated into SQL statement used in executeQuery(), which could res...
CWE-89

148233-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: URLConnection Read data from a web server with URLConnection GoodSource: A hardcoded string Sinks: executeQuery GoodSink: Use prepared statement and executeQuery (properly) BadSink : data concatenated into SQL statement used in executeQuery(), which could res...
CWE-89

148232-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: URLConnection Read data from a web server with URLConnection GoodSource: A hardcoded string Sinks: executeQuery GoodSink: Use prepared statement and executeQuery (properly) BadSink : data concatenated into SQL statement used in executeQuery(), which could res...
CWE-89

148231-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: URLConnection Read data from a web server with URLConnection GoodSource: A hardcoded string Sinks: executeQuery GoodSink: Use prepared statement and executeQuery (properly) BadSink : data concatenated into SQL statement used in executeQuery(), which could res...
CWE-89

148230-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: URLConnection Read data from a web server with URLConnection GoodSource: A hardcoded string Sinks: executeQuery GoodSink: Use prepared statement and executeQuery (properly) BadSink : data concatenated into SQL statement used in executeQuery(), which could res...
CWE-89

148229-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: URLConnection Read data from a web server with URLConnection GoodSource: A hardcoded string Sinks: executeQuery GoodSink: Use prepared statement and executeQuery (properly) BadSink : data concatenated into SQL statement used in executeQuery(), which could res...
CWE-89

148228-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: URLConnection Read data from a web server with URLConnection GoodSource: A hardcoded string Sinks: executeQuery GoodSink: Use prepared statement and executeQuery (properly) BadSink : data concatenated into SQL statement used in executeQuery(), which could res...
CWE-89

148227-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: URLConnection Read data from a web server with URLConnection GoodSource: A hardcoded string Sinks: executeQuery GoodSink: Use prepared statement and executeQuery (properly) BadSink : data concatenated into SQL statement used in executeQuery(), which could res...
CWE-89

148226-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: URLConnection Read data from a web server with URLConnection GoodSource: A hardcoded string Sinks: executeQuery GoodSink: Use prepared statement and executeQuery (properly) BadSink : data concatenated into SQL statement used in executeQuery(), which could res...
CWE-89

148225-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: URLConnection Read data from a web server with URLConnection GoodSource: A hardcoded string Sinks: executeQuery GoodSink: Use prepared statement and executeQuery (properly) BadSink : data concatenated into SQL statement used in executeQuery(), which could res...
CWE-89

148224-v1.0.0

Added 12 years ago

candidate

mixed

CWE: 89 SQL Injection BadSource: URLConnection Read data from a web server with URLConnection GoodSource: A hardcoded string Sinks: executeQuery GoodSink: Use prepared statement and executeQuery (properly) BadSink : data concatenated into SQL statement used in executeQuery(), which could res...

Results per page