PHP Vulnerability Test Suite Test suite #103

Author: Bertrand C. Stivalet
Language: PHP
Size: 160 MB
Sha256sum: 3407473fc2cfa38eea9216b8a7f22559b656f20ba5f2eb3b6992010265780f8c
Number Of Test Cases: 42,212
Submission Date: 27 Oct 2015

Description

Bertrand C. Stivalet and Aurelien Delaitre designed the architecture and oversaw development of a test generator by Telecom Nancy students to create 42 212 test cases in PHP, covering the most common security weakness categories, including XSS, SQL injection, URL redirection, etc. See Bertrand Stivalet and Elizabeth Fong, "Large Scale Generation of Complex and Faulty PHP Test Cases," 2016 IEEE International Conference on Software Testing, Verification and Validation (ICST), Chicago, IL.

Displaying test cases 226 - 250 of 42212 in total

157244-v1.0.0

Added 9 years ago

candidate

good

Safe sample input : get the UserData field of $_SESSION SANITIZE : use in_array to check if $tainted is in the white list construction : interpretation with simple quote
157245-v1.0.0

Added 9 years ago

candidate

good

Safe sample input : get the UserData field of $_SESSION SANITIZE : use in_array to check if $tainted is in the white list construction : concatenation with simple quote
157246-v1.0.0

Added 9 years ago

candidate

good

Safe sample input : get the UserData field of $_SESSION SANITIZE : use in_array to check if $tainted is in the white list construction : fopen
157247-v1.0.0

Added 9 years ago

candidate

good

Safe sample input : get the UserData field of $_SESSION SANITIZE : use in_array to check if $tainted is in the white list construction : right verification
157248-v1.0.0

Added 9 years ago

candidate

good

Safe sample input : get the UserData field of $_SESSION SANITIZE : use in_array to check if $tainted is in the white list construction : prepared query and no right verification
157249-v1.0.0

Added 9 years ago

candidate

good

Safe sample input : get the UserData field of $_SESSION SANITIZE : use in_array to check if $tainted is in the white list construction : prepared query and right verification
157250-v1.0.0

Added 9 years ago

candidate

good

Safe sample input : get the UserData field of $_SESSION SANITIZE : use in_array to check if $tainted is in the white list construction : concatenation and checks if the user is allowed to see this data
157251-v1.0.0

Added 9 years ago

candidate

good

Safe sample input : get the UserData field of $_SESSION SANITIZE : uses of ESAPI, an OWASP API construction : interpretation with simple quote
157252-v1.0.0

Added 9 years ago

candidate

good

Safe sample input : get the UserData field of $_SESSION SANITIZE : uses of ESAPI, an OWASP API construction : right verification
157253-v1.0.0

Added 9 years ago

candidate

good

Safe sample input : get the UserData field of $_SESSION SANITIZE : uses of ESAPI, an OWASP API construction : prepared query and no right verification
157254-v1.0.0

Added 9 years ago

candidate

good

Safe sample input : get the UserData field of $_SESSION SANITIZE : uses of ESAPI, an OWASP API construction : prepared query and right verification
157255-v1.0.0

Added 9 years ago

candidate

good

Safe sample input : get the UserData field of $_SESSION SANITIZE : uses indirect reference construction : interpretation with simple quote
157256-v1.0.0

Added 9 years ago

candidate

good

Safe sample input : get the UserData field of $_SESSION SANITIZE : uses indirect reference construction : right verification
157257-v1.0.0

Added 9 years ago

candidate

good

Safe sample input : get the UserData field of $_SESSION SANITIZE : uses indirect reference construction : prepared query and no right verification
157258-v1.0.0

Added 9 years ago

candidate

good

Safe sample input : get the UserData field of $_SESSION SANITIZE : uses indirect reference construction : prepared query and right verification
CWE-862

157259-v1.0.0

Added 9 years ago

candidate

bad

Unsafe sample input : use shell_exec to cat /tmp/tainted.txt sanitize : cast into int construction : interpretation with simple quote
CWE-862

157260-v1.0.0

Added 9 years ago

candidate

bad

Unsafe sample input : use shell_exec to cat /tmp/tainted.txt sanitize : cast into int construction : concatenation with simple quote
157261-v1.0.0

Added 9 years ago

candidate

good

Safe sample input : use shell_exec to cat /tmp/tainted.txt sanitize : cast into int construction : right verification
CWE-862

157262-v1.0.0

Added 9 years ago

candidate

bad

Unsafe sample input : use shell_exec to cat /tmp/tainted.txt sanitize : cast into int construction : prepared query and no right verification
157263-v1.0.0

Added 9 years ago

candidate

good

Safe sample input : use shell_exec to cat /tmp/tainted.txt sanitize : cast into int construction : prepared query and right verification
157264-v1.0.0

Added 9 years ago

candidate

good

Safe sample input : use shell_exec to cat /tmp/tainted.txt sanitize : cast into int construction : concatenation and checks if the user is allowed to see this data
CWE-862

157265-v1.0.0

Added 9 years ago

candidate

bad

Unsafe sample input : use shell_exec to cat /tmp/tainted.txt sanitize : none construction : fopen
CWE-862

157266-v1.0.0

Added 9 years ago

candidate

bad

Unsafe sample input : use shell_exec to cat /tmp/tainted.txt SANITIZE : use of preg_replace construction : fopen
157267-v1.0.0

Added 9 years ago

candidate

good

Safe sample input : use shell_exec to cat /tmp/tainted.txt sanitize : use of ternary condition construction : interpretation with simple quote
157268-v1.0.0

Added 9 years ago

candidate

good

Safe sample input : use shell_exec to cat /tmp/tainted.txt sanitize : use of ternary condition construction : concatenation with simple quote

Results per page