PHP Vulnerability Test Suite (Test suite #103)
Bertrand C. Stivalet and Aurelien Delaitre designed the architecture and oversaw development of a test generator by Telecom Nancy students to create 42 212 test cases in PHP, covering the most common security weakness categories, including XSS, SQL injection, URL redirection, etc. See Bertrand Stivalet and Elizabeth Fong, "Large Scale Generation of Complex and Faulty PHP Test Cases," 2016 IEEE International Conference on Software Testing, Verification and Validation (ICST), Chicago, IL.
Displaying test cases 32101 - 32125 of 42212 in total
- Safe sample; input : get the $_GET['userData'] in an array; SANITIZE : use in_array to check if $tainted is in the white list; construction : concatenation with simple quote
- Safe sample; input : get the $_GET['userData'] in an array; SANITIZE : use in_array to check if $tainted is in the white list; construction : concatenation with simple quote
- Safe sample; input : get the $_GET['userData'] in an array; SANITIZE : use in_array to check if $tainted is in the white list; construction : interpretation with simple quote
- Safe sample; input : get the $_GET['userData'] in an array; SANITIZE : use in_array to check if $tainted is in the white list; construction : interpretation with simple quote
- Safe sample; input : get the $_GET['userData'] in an array; SANITIZE : use in_array to check if $tainted is in the white list; construction : use of sprintf via a %s with simple quote
- Safe sample; input : get the $_GET['userData'] in an array; SANITIZE : use in_array to check if $tainted is in the white list; construction : use of sprintf via a %s with simple quote
- Safe sample; input : get the $_GET['userData'] in an array; SANITIZE : use in_array to check if $tainted is in the white list; construction : concatenation with simple quote
- Safe sample; input : get the $_GET['userData'] in an array; SANITIZE : use in_array to check if $tainted is in the white list; construction : concatenation with simple quote
- Safe sample; input : get the $_GET['userData'] in an array; SANITIZE : use in_array to check if $tainted is in the white list; construction : interpretation with simple quote
- Safe sample; input : get the $_GET['userData'] in an array; SANITIZE : use in_array to check if $tainted is in the white list; construction : interpretation with simple quote
- Safe sample; input : get the $_GET['userData'] in an array; SANITIZE : use in_array to check if $tainted is in the white list; construction : use of sprintf via a %d with simple quote
- Safe sample; input : get the $_GET['userData'] in an array; SANITIZE : use in_array to check if $tainted is in the white list; construction : use of sprintf via a %d with simple quote
- Safe sample; sanitize : sha256 with crypt function; construction : store sensitive data in a cookie
- Safe sample; sanitize : sha256 with crypt function; construction : store sensitive data in a database
- Unsafe sample; sanitize : no_encryption; construction : store sensitive data in a cookie
- Unsafe sample; sanitize : no_encryption; construction : store sensitive data in a database
- Unsafe sample; sanitize : none; construction : encrypt the data using str_rot13
- Unsafe sample; sanitize : none; construction : encrypt the data using md5
- Unsafe sample; sanitize : none; construction : encrypt the data using sha1
- Unsafe sample; sanitize : none; construction : encrypt the data using DES with crypt function
- Unsafe sample; sanitize : none; construction : encrypt the data using MD5 with crypt function
- Safe sample; sanitize : none; construction : encrypt the data using sha256 with crypt function
- Safe sample; sanitize : none; construction : encrypt the data using sha512 with crypt function
- Safe sample; sanitize : none; construction : encrypt the data using password_hash function
- Unsafe sample; input : backticks interpretation, reading the file /tmp/tainted.txt; Uses an email_filter via filter_var function; File : unsafe, use of untrusted data in a script