Displaying test cases 17701 - 17725 of 74755 in total
-
CWE: 80 Cross Site Scripting (XSS) BadSource: Environment Read a string from an environment variable GoodSource: A hardcoded string BadSink: Servlet querystring parameter not sanitized Flow Variant: 17 Control flow: for loops
-
CWE: 80 Cross Site Scripting (XSS) BadSource: Environment Read a string from an environment variable GoodSource: A hardcoded string BadSink: Servlet querystring parameter not sanitized Flow Variant: 16 Control flow: while(true) and while(local_f)
-
CWE: 80 Cross Site Scripting (XSS) BadSource: Environment Read a string from an environment variable GoodSource: A hardcoded string BadSink: Servlet querystring parameter not sanitized Flow Variant: 15 Control flow: switch(6)
-
CWE: 80 Cross Site Scripting (XSS) BadSource: Environment Read a string from an environment variable GoodSource: A hardcoded string BadSink: Servlet querystring parameter not sanitized Flow Variant: 14 Control flow: if(IO.static_five==5) and if(IO.static_five!=5)
-
CWE: 80 Cross Site Scripting (XSS) BadSource: Environment Read a string from an environment variable GoodSource: A hardcoded string BadSink: Servlet querystring parameter not sanitized Flow Variant: 13 Control flow: if(IO.static_final_five==5) and if(IO.static_final_five!=5)
-
CWE: 80 Cross Site Scripting (XSS) BadSource: Environment Read a string from an environment variable GoodSource: A hardcoded string BadSink: Servlet querystring parameter not sanitized Flow Variant: 12 Control flow: if(IO.static_returns_t_or_f())
-
CWE: 80 Cross Site Scripting (XSS) BadSource: Environment Read a string from an environment variable GoodSource: A hardcoded string BadSink: Servlet querystring parameter not sanitized Flow Variant: 11 Control flow: if(IO.static_returns_t()) and if(IO.static_returns_f())
-
CWE: 80 Cross Site Scripting (XSS) BadSource: Environment Read a string from an environment variable GoodSource: A hardcoded string BadSink: Servlet querystring parameter not sanitized Flow Variant: 10 Control flow: if(IO.static_t) and if(IO.static_f)
-
CWE: 80 Cross Site Scripting (XSS) BadSource: Environment Read a string from an environment variable GoodSource: A hardcoded string BadSink: Servlet querystring parameter not sanitized Flow Variant: 09 Control flow: if(IO.static_final_t) and if(IO.static_final_f)
-
CWE: 80 Cross Site Scripting (XSS) BadSource: Environment Read a string from an environment variable GoodSource: A hardcoded string BadSink: Servlet querystring parameter not sanitized Flow Variant: 08 Control flow: if(private_returns_t()) and if(private_returns_f())
-
CWE: 80 Cross Site Scripting (XSS) BadSource: Environment Read a string from an environment variable GoodSource: A hardcoded string BadSink: Servlet querystring parameter not sanitized Flow Variant: 07 Control flow: if(private_five==5) and if(private_five!=5)
-
CWE: 80 Cross Site Scripting (XSS) BadSource: Environment Read a string from an environment variable GoodSource: A hardcoded string BadSink: Servlet querystring parameter not sanitized Flow Variant: 06 Control flow: if(private_final_five==5) and if(private_final_five!=5)
-
CWE: 80 Cross Site Scripting (XSS) BadSource: Environment Read a string from an environment variable GoodSource: A hardcoded string BadSink: Servlet querystring parameter not sanitized Flow Variant: 05 Control flow: if(private_t) and if(private_f)
-
CWE: 80 Cross Site Scripting (XSS) BadSource: Environment Read a string from an environment variable GoodSource: A hardcoded string BadSink: Servlet querystring parameter not sanitized Flow Variant: 04 Control flow: if(private_final_t) and if(private_final_f)
-
CWE: 80 Cross Site Scripting (XSS) BadSource: Environment Read a string from an environment variable GoodSource: A hardcoded string BadSink: Servlet querystring parameter not sanitized Flow Variant: 03 Control flow: if(5==5) and if(5!=5)
-
CWE: 80 Cross Site Scripting (XSS) BadSource: Environment Read a string from an environment variable GoodSource: A hardcoded string BadSink: Servlet querystring parameter not sanitized Flow Variant: 02 Control flow: if(true) and if(false)
-
CWE: 80 Cross Site Scripting (XSS) BadSource: Environment Read a string from an environment variable GoodSource: A hardcoded string BadSink: Servlet querystring parameter not sanitized Flow Variant: 01 Baseline
-
CWE: 78 OS Command Injection BadSource: listen_tcp Read data using a listening tcp connection GoodSource: A hardcoded string Sinks: exec BadSink : dynamic command execution with Runtime.getRuntime().exec() Flow Variant: 71 Data flow: data passed as an Object reference argument from one metho...
-
CWE: 78 OS Command Injection BadSource: listen_tcp Read data using a listening tcp connection GoodSource: A hardcoded string BadSink: exec dynamic command execution with Runtime.getRuntime().exec() Flow Variant: 68 Data flow: data passed as a member variable in the "a" class, which is used by...
-
CWE: 78 OS Command Injection BadSource: listen_tcp Read data using a listening tcp connection GoodSource: A hardcoded string Sinks: exec BadSink : dynamic command execution with Runtime.getRuntime().exec() Flow Variant: 67 Data flow: data passed in a class from one method to another in diffe...
-
CWE: 78 OS Command Injection BadSource: listen_tcp Read data using a listening tcp connection GoodSource: A hardcoded string Sinks: exec BadSink : dynamic command execution with Runtime.getRuntime().exec() Flow Variant: 66 Data flow: data passed in an array from one method to another in diff...
-
CWE: 78 OS Command Injection BadSource: listen_tcp Read data using a listening tcp connection GoodSource: A hardcoded string Sinks: exec BadSink : dynamic command execution with Runtime.getRuntime().exec() Flow Variant: 61 Data flow: data returned from one method to another in different clas...
-
CWE: 78 OS Command Injection BadSource: listen_tcp Read data using a listening tcp connection GoodSource: A hardcoded string Sinks: exec BadSink : dynamic command execution with Runtime.getRuntime().exec() Flow Variant: 54 Data flow: data passed as an argument from one method through three o...
-
CWE: 78 OS Command Injection BadSource: listen_tcp Read data using a listening tcp connection GoodSource: A hardcoded string Sinks: exec BadSink : dynamic command execution with Runtime.getRuntime().exec() Flow Variant: 53 Data flow: data passed as an argument from one method through two oth...
-
CWE: 78 OS Command Injection BadSource: listen_tcp Read data using a listening tcp connection GoodSource: A hardcoded string Sinks: exec BadSink : dynamic command execution with Runtime.getRuntime().exec() Flow Variant: 53 Data flow: data passed as an argument from one method to another to a...