CWE: 89 SQL Injection BadSource: getParameterServlet Read data from a querystring using getParameter GoodSource: A hardcoded string Sinks: executeQuery GoodSink: prepared sqlstatement, executeQuery BadSink : raw query used in executeQuery Flow Variant: 67 Data flow: data passed in a class f...

CWE: 89 SQL Injection BadSource: getParameterServlet Read data from a querystring using getParameter GoodSource: A hardcoded string Sinks: executeQuery GoodSink: prepared sqlstatement, executeQuery BadSink : raw query used in executeQuery Flow Variant: 66 Data flow: data passed in an array ...

CWE: 89 SQL Injection BadSource: getParameterServlet Read data from a querystring using getParameter GoodSource: A hardcoded string Sinks: executeQuery GoodSink: prepared sqlstatement, executeQuery BadSink : raw query used in executeQuery Flow Variant: 61 Data flow: data returned from one m...

CWE: 89 SQL Injection BadSource: getParameterServlet Read data from a querystring using getParameter GoodSource: A hardcoded string Sinks: executeQuery GoodSink: prepared sqlstatement, executeQuery BadSink : raw query used in executeQuery Flow Variant: 54 Data flow: data passed as an argume...

CWE: 89 SQL Injection BadSource: getParameterServlet Read data from a querystring using getParameter GoodSource: A hardcoded string Sinks: executeQuery GoodSink: prepared sqlstatement, executeQuery BadSink : raw query used in executeQuery Flow Variant: 53 Data flow: data passed as an argume...

CWE: 89 SQL Injection BadSource: getParameterServlet Read data from a querystring using getParameter GoodSource: A hardcoded string Sinks: executeQuery GoodSink: prepared sqlstatement, executeQuery BadSink : raw query used in executeQuery Flow Variant: 53 Data flow: data passed as an argume...

CWE: 89 SQL Injection BadSource: getParameterServlet Read data from a querystring using getParameter GoodSource: A hardcoded string Sinks: executeQuery GoodSink: prepared sqlstatement, executeQuery BadSink : raw query used in executeQuery Flow Variant: 52 Data flow: data passed as an argume...

CWE: 89 SQL Injection BadSource: getParameterServlet Read data from a querystring using getParameter GoodSource: A hardcoded string Sinks: executeQuery GoodSink: prepared sqlstatement, executeQuery BadSink : raw query used in executeQuery Flow Variant: 51 Data flow: data passed as an argume...

CWE: 89 SQL Injection BadSource: getParameterServlet Read data from a querystring using getParameter GoodSource: A hardcoded string Sinks: executeQuery GoodSink: prepared sqlstatement, executeQuery BadSink : raw query used in executeQuery Flow Variant: 45 Data flow: data passed as a private...

CWE: 89 SQL Injection BadSource: getParameterServlet Read data from a querystring using getParameter GoodSource: A hardcoded string Sinks: executeQuery GoodSink: prepared sqlstatement, executeQuery BadSink : raw query used in executeQuery Flow Variant: 42 Data flow: data returned from one m...

CWE: 89 SQL Injection BadSource: getParameterServlet Read data from a querystring using getParameter GoodSource: A hardcoded string Sinks: executeQuery GoodSink: prepared sqlstatement, executeQuery BadSink : raw query used in executeQuery Flow Variant: 41 Data flow: data passed as an argume...

CWE: 89 SQL Injection BadSource: getParameterServlet Read data from a querystring using getParameter GoodSource: A hardcoded string Sinks: executeQuery GoodSink: prepared sqlstatement, executeQuery BadSink : raw query used in executeQuery Flow Variant: 31 Data flow: make a copy of data with...

CWE: 89 SQL Injection BadSource: getParameterServlet Read data from a querystring using getParameter GoodSource: A hardcoded string Sinks: executeQuery GoodSink: prepared sqlstatement, executeQuery BadSink : raw query used in executeQuery Flow Variant: 19 Control flow: Dead code after an if...

CWE: 89 SQL Injection BadSource: getParameterServlet Read data from a querystring using getParameter GoodSource: A hardcoded string Sinks: executeQuery GoodSink: prepared sqlstatement, executeQuery BadSink : raw query used in executeQuery Flow Variant: 17 Control flow: for loops

CWE: 89 SQL Injection BadSource: getParameterServlet Read data from a querystring using getParameter GoodSource: A hardcoded string Sinks: executeQuery GoodSink: prepared sqlstatement, executeQuery BadSink : raw query used in executeQuery Flow Variant: 16 Control flow: while(true) and while...

CWE: 89 SQL Injection BadSource: getParameterServlet Read data from a querystring using getParameter GoodSource: A hardcoded string Sinks: executeQuery GoodSink: prepared sqlstatement, executeQuery BadSink : raw query used in executeQuery Flow Variant: 15 Control flow: switch(6) and switch(7)

CWE: 89 SQL Injection BadSource: getParameterServlet Read data from a querystring using getParameter GoodSource: A hardcoded string Sinks: executeQuery GoodSink: prepared sqlstatement, executeQuery BadSink : raw query used in executeQuery Flow Variant: 14 Control flow: if(IO.static_five==5)...

CWE: 89 SQL Injection BadSource: getParameterServlet Read data from a querystring using getParameter GoodSource: A hardcoded string Sinks: executeQuery GoodSink: prepared sqlstatement, executeQuery BadSink : raw query used in executeQuery Flow Variant: 13 Control flow: if(IO.static_final_fi...

CWE: 89 SQL Injection BadSource: getParameterServlet Read data from a querystring using getParameter GoodSource: A hardcoded string Sinks: executeQuery GoodSink: prepared sqlstatement, executeQuery BadSink : raw query used in executeQuery Flow Variant: 12 Control flow: if(IO.static_returns_...

CWE: 89 SQL Injection BadSource: getParameterServlet Read data from a querystring using getParameter GoodSource: A hardcoded string Sinks: executeQuery GoodSink: prepared sqlstatement, executeQuery BadSink : raw query used in executeQuery Flow Variant: 11 Control flow: if(IO.static_returns_...

CWE: 89 SQL Injection BadSource: getParameterServlet Read data from a querystring using getParameter GoodSource: A hardcoded string Sinks: executeQuery GoodSink: prepared sqlstatement, executeQuery BadSink : raw query used in executeQuery Flow Variant: 10 Control flow: if(IO.static_t) and i...

CWE: 89 SQL Injection BadSource: getParameterServlet Read data from a querystring using getParameter GoodSource: A hardcoded string Sinks: executeQuery GoodSink: prepared sqlstatement, executeQuery BadSink : raw query used in executeQuery Flow Variant: 09 Control flow: if(IO.static_final_t)...

CWE: 89 SQL Injection BadSource: getParameterServlet Read data from a querystring using getParameter GoodSource: A hardcoded string Sinks: executeQuery GoodSink: prepared sqlstatement, executeQuery BadSink : raw query used in executeQuery Flow Variant: 08 Control flow: if(private_returns_t(...

CWE: 89 SQL Injection BadSource: getParameterServlet Read data from a querystring using getParameter GoodSource: A hardcoded string Sinks: executeQuery GoodSink: prepared sqlstatement, executeQuery BadSink : raw query used in executeQuery Flow Variant: 07 Control flow: if(private_five==5) a...

CWE: 89 SQL Injection BadSource: getParameterServlet Read data from a querystring using getParameter GoodSource: A hardcoded string Sinks: executeQuery GoodSink: prepared sqlstatement, executeQuery BadSink : raw query used in executeQuery Flow Variant: 06 Control flow: if(private_final_five...