Test cases - NIST Software Assurance Reference Dataset

Displaying test cases 15551 - 15575 of 74755 in total

CWE-89

61115-v1.0.0

Added 15 years ago

deprecated

mixed

CWE: 89 SQL Injection BadSource: getParameterServlet Read data from a querystring using getParameter GoodSource: A hardcoded string Sinks: executeUpdate GoodSink: prepared sqlstatement, executeUpdate BadSink : raw query used in executeUpdate Flow Variant: 51 Data flow: data passed as an arg...
CWE-89

61114-v1.0.0

Added 15 years ago

deprecated

mixed

CWE: 89 SQL Injection BadSource: getParameterServlet Read data from a querystring using getParameter GoodSource: A hardcoded string Sinks: executeUpdate GoodSink: prepared sqlstatement, executeUpdate BadSink : raw query used in executeUpdate Flow Variant: 45 Data flow: data passed as a priv...
CWE-89

61113-v1.0.0

Added 15 years ago

deprecated

mixed

CWE: 89 SQL Injection BadSource: getParameterServlet Read data from a querystring using getParameter GoodSource: A hardcoded string Sinks: executeUpdate GoodSink: prepared sqlstatement, executeUpdate BadSink : raw query used in executeUpdate Flow Variant: 42 Data flow: data returned from on...
CWE-89

61112-v1.0.0

Added 15 years ago

deprecated

mixed

CWE: 89 SQL Injection BadSource: getParameterServlet Read data from a querystring using getParameter GoodSource: A hardcoded string Sinks: executeUpdate GoodSink: prepared sqlstatement, executeUpdate BadSink : raw query used in executeUpdate Flow Variant: 41 Data flow: data passed as an arg...
CWE-89

61111-v1.0.0

Added 15 years ago

deprecated

mixed

CWE: 89 SQL Injection BadSource: getParameterServlet Read data from a querystring using getParameter GoodSource: A hardcoded string Sinks: executeUpdate GoodSink: prepared sqlstatement, executeUpdate BadSink : raw query used in executeUpdate Flow Variant: 31 Data flow: make a copy of data w...
CWE-89

61110-v1.0.0

Added 15 years ago

deprecated

mixed

CWE: 89 SQL Injection BadSource: getParameterServlet Read data from a querystring using getParameter GoodSource: A hardcoded string Sinks: executeUpdate GoodSink: prepared sqlstatement, executeUpdate BadSink : raw query used in executeUpdate Flow Variant: 19 Control flow: Dead code after an...
CWE-89

61109-v1.0.0

Added 15 years ago

deprecated

mixed

CWE: 89 SQL Injection BadSource: getParameterServlet Read data from a querystring using getParameter GoodSource: A hardcoded string Sinks: executeUpdate GoodSink: prepared sqlstatement, executeUpdate BadSink : raw query used in executeUpdate Flow Variant: 17 Control flow: for loops
CWE-89

61108-v1.0.0

Added 15 years ago

deprecated

mixed

CWE: 89 SQL Injection BadSource: getParameterServlet Read data from a querystring using getParameter GoodSource: A hardcoded string Sinks: executeUpdate GoodSink: prepared sqlstatement, executeUpdate BadSink : raw query used in executeUpdate Flow Variant: 16 Control flow: while(true) and wh...
CWE-89

61107-v1.0.0

Added 15 years ago

deprecated

mixed

CWE: 89 SQL Injection BadSource: getParameterServlet Read data from a querystring using getParameter GoodSource: A hardcoded string Sinks: executeUpdate GoodSink: prepared sqlstatement, executeUpdate BadSink : raw query used in executeUpdate Flow Variant: 15 Control flow: switch(6) and swit...
CWE-89

61106-v1.0.0

Added 15 years ago

deprecated

mixed

CWE: 89 SQL Injection BadSource: getParameterServlet Read data from a querystring using getParameter GoodSource: A hardcoded string Sinks: executeUpdate GoodSink: prepared sqlstatement, executeUpdate BadSink : raw query used in executeUpdate Flow Variant: 14 Control flow: if(IO.static_five=...
CWE-89

61105-v1.0.0

Added 15 years ago

deprecated

mixed

CWE: 89 SQL Injection BadSource: getParameterServlet Read data from a querystring using getParameter GoodSource: A hardcoded string Sinks: executeUpdate GoodSink: prepared sqlstatement, executeUpdate BadSink : raw query used in executeUpdate Flow Variant: 13 Control flow: if(IO.static_final...
CWE-89

61104-v1.0.0

Added 15 years ago

deprecated

mixed

CWE: 89 SQL Injection BadSource: getParameterServlet Read data from a querystring using getParameter GoodSource: A hardcoded string Sinks: executeUpdate GoodSink: prepared sqlstatement, executeUpdate BadSink : raw query used in executeUpdate Flow Variant: 12 Control flow: if(IO.static_retur...
CWE-89

61103-v1.0.0

Added 15 years ago

deprecated

mixed

CWE: 89 SQL Injection BadSource: getParameterServlet Read data from a querystring using getParameter GoodSource: A hardcoded string Sinks: executeUpdate GoodSink: prepared sqlstatement, executeUpdate BadSink : raw query used in executeUpdate Flow Variant: 11 Control flow: if(IO.static_retur...
CWE-89

61102-v1.0.0

Added 15 years ago

deprecated

mixed

CWE: 89 SQL Injection BadSource: getParameterServlet Read data from a querystring using getParameter GoodSource: A hardcoded string Sinks: executeUpdate GoodSink: prepared sqlstatement, executeUpdate BadSink : raw query used in executeUpdate Flow Variant: 10 Control flow: if(IO.static_t) an...
CWE-89

61101-v1.0.0

Added 15 years ago

deprecated

mixed

CWE: 89 SQL Injection BadSource: getParameterServlet Read data from a querystring using getParameter GoodSource: A hardcoded string Sinks: executeUpdate GoodSink: prepared sqlstatement, executeUpdate BadSink : raw query used in executeUpdate Flow Variant: 09 Control flow: if(IO.static_final...
CWE-89

61100-v1.0.0

Added 15 years ago

deprecated

mixed

CWE: 89 SQL Injection BadSource: getParameterServlet Read data from a querystring using getParameter GoodSource: A hardcoded string Sinks: executeUpdate GoodSink: prepared sqlstatement, executeUpdate BadSink : raw query used in executeUpdate Flow Variant: 08 Control flow: if(private_returns...
CWE-89

61099-v1.0.0

Added 15 years ago

deprecated

mixed

CWE: 89 SQL Injection BadSource: getParameterServlet Read data from a querystring using getParameter GoodSource: A hardcoded string Sinks: executeUpdate GoodSink: prepared sqlstatement, executeUpdate BadSink : raw query used in executeUpdate Flow Variant: 07 Control flow: if(private_five==5...
CWE-89

61098-v1.0.0

Added 15 years ago

deprecated

mixed

CWE: 89 SQL Injection BadSource: getParameterServlet Read data from a querystring using getParameter GoodSource: A hardcoded string Sinks: executeUpdate GoodSink: prepared sqlstatement, executeUpdate BadSink : raw query used in executeUpdate Flow Variant: 06 Control flow: if(private_final_f...
CWE-89

61097-v1.0.0

Added 15 years ago

deprecated

mixed

CWE: 89 SQL Injection BadSource: getParameterServlet Read data from a querystring using getParameter GoodSource: A hardcoded string Sinks: executeUpdate GoodSink: prepared sqlstatement, executeUpdate BadSink : raw query used in executeUpdate Flow Variant: 05 Control flow: if(private_t) and ...
CWE-89

61096-v1.0.0

Added 15 years ago

deprecated

mixed

CWE: 89 SQL Injection BadSource: getParameterServlet Read data from a querystring using getParameter GoodSource: A hardcoded string Sinks: executeUpdate GoodSink: prepared sqlstatement, executeUpdate BadSink : raw query used in executeUpdate Flow Variant: 04 Control flow: if(private_final_t...
CWE-89

61095-v1.0.0

Added 15 years ago

deprecated

mixed

CWE: 89 SQL Injection BadSource: getParameterServlet Read data from a querystring using getParameter GoodSource: A hardcoded string Sinks: executeUpdate GoodSink: prepared sqlstatement, executeUpdate BadSink : raw query used in executeUpdate Flow Variant: 03 Control flow: if(5==5) and if(5!=5)
CWE-89

61094-v1.0.0

Added 15 years ago

deprecated

mixed

CWE: 89 SQL Injection BadSource: getParameterServlet Read data from a querystring using getParameter GoodSource: A hardcoded string Sinks: executeUpdate GoodSink: prepared sqlstatement, executeUpdate BadSink : raw query used in executeUpdate Flow Variant: 02 Control flow: if(true) and if(fa...
CWE-89

61093-v1.0.0

Added 15 years ago

deprecated

mixed

CWE: 89 SQL Injection BadSource: getParameterServlet Read data from a querystring using getParameter GoodSource: A hardcoded string Sinks: executeUpdate GoodSink: prepared sqlstatement, executeUpdate BadSink : raw query used in executeUpdate Flow Variant: 01 Baseline
CWE-89

61092-v1.0.0

Added 15 years ago

deprecated

mixed

CWE: 89 SQL Injection BadSource: getParameterServlet Read data from a querystring using getParameter GoodSource: A hardcoded string Sinks: executeQuery GoodSink: prepared sqlstatement, executeQuery BadSink : raw query used in executeQuery Flow Variant: 71 Data flow: data passed as an Object...
CWE-89

61091-v1.0.0

Added 15 years ago

deprecated

mixed

CWE: 89 SQL Injection BadSource: getParameterServlet Read data from a querystring using getParameter GoodSource: A hardcoded string Sinks: executeQuery GoodSink: prepared sqlstatement, executeQuery BadSink : raw query used in executeQuery Flow Variant: 68 Data flow: data passed as a member ...

Results per page