PHP Vulnerability Test Suite Test suite #103
Bertrand C. Stivalet and Aurelien Delaitre designed the architecture and oversaw development of a test generator by Telecom Nancy students to create 42 212 test cases in PHP, covering the most common security weakness categories, including XSS, SQL injection, URL redirection, etc. See Bertrand Stivalet and Elizabeth Fong, "Large Scale Generation of Complex and Faulty PHP Test Cases," 2016 IEEE International Conference on Software Testing, Verification and Validation (ICST), Chicago, IL.
Displaying test cases 41451 - 41475 of 42212 in total
- Safe sample; input: get the field userData from the variable $_GET via an object, which stores it in an array; SANITIZE: use of preg_replace with another regex; File: unsafe, use of untrusted data in an attribute name
- Safe sample; input: get the field userData from the variable $_GET via an object, which stores it in an array; SANITIZE: use of preg_replace with another regex; File: unsafe, use of untrusted data in a tag name
- Safe sample; input: get the field userData from the variable $_GET via an object, which stores it in an array; SANITIZE: use of preg_replace with another regex; File: unsafe, use of untrusted data in CSS
- Safe sample; input: get the field userData from the variable $_GET via an object, which stores it in an array; SANITIZE: use of preg_replace with another regex; File: use of untrusted data in the body
- Safe sample; input: get the field userData from the variable $_GET via an object, which stores it in an array; SANITIZE: use of preg_replace with another regex; File: use of untrusted data in a div tag
- Safe sample; input: get the field userData from the variable $_GET via an object, which stores it in an array; SANITIZE: use of preg_replace with another regex; File: use of untrusted data in an unquoted attribute
- Safe sample; input: get the field userData from the variable $_GET via an object, which stores it in an array; SANITIZE: use of preg_replace with another regex; File: use of untrusted data in a simple quoted attribute
- Safe sample; input: get the field userData from the variable $_GET via an object, which stores it in an array; SANITIZE: use of preg_replace with another regex; File: use of untrusted data in a double quoted attribute
- Safe sample; input: get the field userData from the variable $_GET via an object, which stores it in an array; SANITIZE: use of preg_replace with another regex; File: use of untrusted data in a simple quoted string in a script
- Safe sample; input: get the field userData from the variable $_GET via an object, which stores it in an array; SANITIZE: use of preg_replace with another regex; File: use of untrusted data in a double quoted string in a script
- Safe sample; input: get the field userData from the variable $_GET via an object, which stores it in an array; SANITIZE: use of preg_replace with another regex; File: use of untrusted data in one side of a quoted expression in a script
- Safe sample; input: get the field userData from the variable $_GET via an object, which stores it in an array; SANITIZE: use of preg_replace with another regex; File: use of untrusted data in one side of a double quoted expression in a script
- Safe sample; input: get the field userData from the variable $_GET via an object, which stores it in an array; SANITIZE: use of preg_replace with another regex; File: use of untrusted data in a quoted event handler in a script
- Safe sample; input: get the field userData from the variable $_GET via an object, which stores it in an array; SANITIZE: use of preg_replace with another regex; File: use of untrusted data in a double quoted event handler in a script
- Safe sample; input: get the field userData from the variable $_GET via an object, which stores it in an array; SANITIZE: use of preg_replace with another regex; File: unsafe, use of untrusted data in the function setInterval
- Safe sample; input: get the field userData from the variable $_GET via an object, which stores it in an array; SANITIZE: use of preg_replace with another regex; File: use of untrusted data in a property value (CSS)
- Safe sample; input: get the field userData from the variable $_GET via an object, which stores it in an array; SANITIZE: use of preg_replace with another regex; File: use of untrusted data in a double quoted property value (CSS)
- Safe sample; input: get the field userData from the variable $_GET via an object, which stores it in an array; SANITIZE: use of preg_replace with another regex; File: unsafe, use of untrusted data in a quoted property value (CSS)
- Safe sample; input: get the field userData from the variable $_GET via an object, which stores it in an array; SANITIZE: use of preg_replace with another regex; File: unsafe, use of untrusted data in a property value in a span tag (CSS)
- Unsafe sample; input: get the field userData from the variable $_GET via an object, which stores it in an array; sanitize: use of ternary condition; File: unsafe, use of untrusted data in a script
- Unsafe sample; input: get the field userData from the variable $_GET via an object, which stores it in an array; sanitize: use of ternary condition; File: unsafe, use of untrusted data in a comment
- Unsafe sample; input: get the field userData from the variable $_GET via an object, which stores it in an array; sanitize: use of ternary condition; File: unsafe, use of untrusted data in an attribute name
- Unsafe sample; input: get the field userData from the variable $_GET via an object, which stores it in an array; sanitize: use of ternary condition; File: unsafe, use of untrusted data in a tag name
- Unsafe sample; input: get the field userData from the variable $_GET via an object, which stores it in an array; sanitize: use of ternary condition; File: unsafe, use of untrusted data in CSS
- Unsafe sample; input: get the field userData from the variable $_GET via an object, which stores it in an array; sanitize: use of ternary condition; File: use of untrusted data in the body