Source: getallheaders Sanitization: strspn_prm__<s>(needle) Dataflow: assignment Context: sql_quotes Sink: mssql_sqlsrv_prepare_prm__<$>(db)

Using Hibernate to execute a dynamic SQL statement with built-in user-controlled input can allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands. Metadata - Base program: Coffee MUD - Source Taint: ENVIRONMENT_VARIABLE - Data Type: ARRAY - Data Flow: ADDRE...

Using Hibernate to execute a dynamic SQL statement with built-in user-controlled input can allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands. Metadata -Base program: Apache POI - Source Taint: SOCKET - Data Type: simple - Data Flow: address_as_function_retu...

Using Hibernate to execute a dynamic SQL statement with built-in user-controlled input can allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands. Metadata -Base program: Apache POI - Source Taint: SOCKET - Data Type: void_pointer - Data Flow: java_generics - Co...

Using Hibernate to execute a dynamic SQL statement with built-in user-controlled input can allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands. Metadata - Base program: Coffee MUD - Source Taint: ENVIRONMENT_VARIABLE - Data Type: VOID_POINTER - Data Flow...

Using Hibernate to execute a dynamic SQL statement with built-in user-controlled input can allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands. Metadata -Base program: Apache Lucene - Source Taint: SOCKET - Data Type: void_pointer - Data Flow: address_as_cons...

Using Hibernate to execute a dynamic SQL statement with built-in user-controlled input can allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands. Metadata - Base program: Apache Lucene - Source Taint: SOCKET - Data Type: SIMPLE - Data Flow: ADDRESS_AS_CONS...

Using Hibernate to execute a dynamic SQL statement with built-in user-controlled input can allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands. Metadata - Base program: Apache Lucene - Source Taint: FILE_CONTENTS - Data Type: VOID_POINTER - Data Flow: BA...

Using Hibernate to execute a dynamic SQL statement with built-in user-controlled input can allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands. Metadata -Base program: Apache POI - Source Taint: FILE_CONTENTS - Data Type: void_pointer - Data Flow: java_generi...

Using Hibernate to execute a dynamic SQL statement with built-in user-controlled input can allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands. Metadata - Base program: Apache JMeter - Source Taint: ENVIRONMENT_VARIABLE - Data Type: SIMPLE - Data Flow: B...

Using Hibernate to execute a dynamic SQL statement with built-in user-controlled input can allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands. Metadata - Base program: Apache Jena - Source Taint: FILE_CONTENTS - Data Type: ARRAY - Data Flow: ADDRESS_AS_...

Using Hibernate to execute a dynamic SQL statement with built-in user-controlled input can allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands. Metadata - Base program: Coffee MUD - Source Taint: SOCKET - Data Type: VOID_POINTER - Data Flow: ADDRESS_AS_C...

Using Hibernate to execute a dynamic SQL statement with built-in user-controlled input can allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands. Metadata -Base program: Apache Lenya - Source Taint: ENVIRONMENT_VARIABLE - Data Type: void_pointer - Data Flow: ad...

Using Hibernate to execute a dynamic SQL statement with built-in user-controlled input can allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands. Metadata -Base program: Apache Lucene - Source Taint: ENVIRONMENT_VARIABLE - Data Type: void_pointer - Data Flow: a...

Using Hibernate to execute a dynamic SQL statement with built-in user-controlled input can allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands. Metadata -Base program: Coffee MUD - Source Taint: ENVIRONMENT_VARIABLE - Data Type: void_pointer - Data Flow: addr...

Using Hibernate to execute a dynamic SQL statement with built-in user-controlled input can allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands. Metadata -Base program: Elastic Search - Source Taint: ENVIRONMENT_VARIABLE - Data Type: void_pointer - Data Flow: ...

Using Hibernate to execute a dynamic SQL statement with built-in user-controlled input can allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands. Metadata - Base program: JTree - Source Taint: FILE_CONTENTS - Data Type: SIMPLE - Data Flow: BASIC - Control...

Using Hibernate to execute a dynamic SQL statement with built-in user-controlled input can allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands. Metadata -Base program: Coffee MUD - Source Taint: SOCKET - Data Type: void_pointer - Data Flow: var_arg_list - Con...

Using Hibernate to execute a dynamic SQL statement with built-in user-controlled input can allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands. Metadata -Base program: Elastic Search - Source Taint: FILE_CONTENTS - Data Type: void_pointer - Data Flow: var_arg...

Using Hibernate to execute a dynamic SQL statement with built-in user-controlled input can allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands. Metadata -Base program: Coffee MUD - Source Taint: FILE_CONTENTS - Data Type: simple - Data Flow: basic - Control F...

Using Hibernate to execute a dynamic SQL statement with built-in user-controlled input can allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands. Metadata -Base program: Coffee MUD - Source Taint: ENVIRONMENT_VARIABLE - Data Type: simple - Data Flow: var_arg_li...

Using Hibernate to execute a dynamic SQL statement with built-in user-controlled input can allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands. Metadata -Base program: Apache POI - Source Taint: FILE_CONTENTS - Data Type: void_pointer - Data Flow: java_generi...

Using Hibernate to execute a dynamic SQL statement with built-in user-controlled input can allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands. Metadata - Base program: Elastic Search - Source Taint: SOCKET - Data Type: VOID_POINTER - Data Flow: BASIC -...

Using Hibernate to execute a dynamic SQL statement with built-in user-controlled input can allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands. Metadata - Base program: Apache JMeter - Source Taint: FILE_CONTENTS - Data Type: SIMPLE - Data Flow: BASIC -...

Using Hibernate to execute a dynamic SQL statement with built-in user-controlled input can allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands. Metadata -Base program: Coffee MUD - Source Taint: ENVIRONMENT_VARIABLE - Data Type: array - Data Flow: index_alias...