Displaying test cases 425176 - 425200 of 426654 in total
-
The test case shows a Stack Overflow.
-
The test case exposes a path manipulation.
-
The test case exposes a path manipulation.
-
The test case shows a path manipulation weakness.
-
The test case shows a path manipulation weakness.
-
The test case shows an other variant of the improper pointer subtraction. Here we try to do pointer arithmetic with different type of pointers.
-
The test case shows a possible variant of an improper pointer subtraction. The code works well if you assume that the two integers are contiguously allocated in the memory, which is not always the case.
-
The test case shows an improper null termination with a buffer address type complexity.
-
The test case shows an improper null termination with a buffer address type complexity.
-
The arguments are not validated so, one can include a bad argument such as /etc/passwd in the list of files to print out.
-
The arguments are not validated so, one can include a bad argument such as /etc/passwd in the list of files to print out.
-
Since the argument (the file name) is not validated, one can open every file and print it.
-
Cross-Site Scripting in C. This is a CGI program which take some parameters values then print it.
-
Cross-Site Scripting in C. This is a CGI program which take some parameters values then print it.
-
Use of Dangerous Process Creation Function [em]execlp[/em]
-
The accidental deletion of a data-structure sentinel can cause serious programing logic problems. (from CLASP TCCLASP-5_6_6_10)
-
If a function\'s return value is not properly checked, the function could have failed without proper acknowledgement. (from CLASP TCCLASP-5_6_3_10)
-
The use of a hard-coded cryptographic key tremendously increases the possibility that encrypted data may be recovered (from TCCLASP-5_5_10_10-C)
-
An unsigned-to-signed conversion error takes place when a large unsignedprimitive is used as an signed value - usually as a size variable. (from TCCLASP-5_2_12_10) Duplicate code of Test Case 19
-
Sometimes an error is detected, and bad or no action is taken. (from TCCLASP-5_6_19_10)
-
Assumptions about protocol data or data stored in memory can be invalid, resulting in using data in ways that were unintended. (from TCCLASP-5_3_1_10)
-
Basic [b]Cross-Site Scripting[/b] (XSS) in PHP.[br] The attacker will write a JavaScript (hop.js) which reads the cookie and send it to: http://www.bad.com/getCookie.php which store it in a file.[br]
-
This test case show how to solve the [b]PHP Include[/b] problem.[br] The solution consists on the limitation of the possible target files.
-
This is a basic [b]PHP Include[/b] vulnerability.[br]Attackers can relay malicious code through web application to another system.
-
Private array returned from a public method