PHP Vulnerability Test Suite Test suite #103
DownloadDescription
Bertrand C. Stivalet and Aurelien Delaitre designed the architecture and oversaw development of a test generator by Telecom Nancy students to create 42 212 test cases in PHP, covering the most common security weakness categories, including XSS, SQL injection, URL redirection, etc. See Bertrand Stivalet and Elizabeth Fong, "Large Scale Generation of Complex and Faulty PHP Test Cases," 2016 IEEE International Conference on Software Testing, Verification and Validation (ICST), Chicago, IL.
Displaying test cases 42126 - 42150 of 42212 in total
-
Unsafe sample input : get the $_GET['userData'] in an array SANITIZE : use in_array to check if $tainted is in the white list File : use of untrusted data in the body
-
Unsafe sample input : get the $_GET['userData'] in an array SANITIZE : use in_array to check if $tainted is in the white list File : use of untrusted data in a div tag
-
Unsafe sample input : get the $_GET['userData'] in an array SANITIZE : use in_array to check if $tainted is in the white list File : use of untrusted data in a unquoted attribute
-
Safe sample input : get the $_GET['userData'] in an array SANITIZE : use in_array to check if $tainted is in the white list File : use of untrusted data in a simple quote attribute
-
Unsafe sample input : get the $_GET['userData'] in an array SANITIZE : use in_array to check if $tainted is in the white list File : use of untrusted data in a doubled quote attribute
-
Safe sample input : get the $_GET['userData'] in an array SANITIZE : use in_array to check if $tainted is in the white list File : use of untrusted data in a simple quoted string in a script
-
Unsafe sample input : get the $_GET['userData'] in an array SANITIZE : use in_array to check if $tainted is in the white list File : use of untrusted data in a double quoted string in a script
-
Safe sample input : get the $_GET['userData'] in an array SANITIZE : use in_array to check if $tainted is in the white list File : use of untrusted data in one side of a quoted expression in a script
-
Unsafe sample input : get the $_GET['userData'] in an array SANITIZE : use in_array to check if $tainted is in the white list File : use of untrusted data in one side of a double quoted expression in a script
-
Safe sample input : get the $_GET['userData'] in an array SANITIZE : use in_array to check if $tainted is in the white list File : use of untrusted data in a quoted event handler in a script
-
Unsafe sample input : get the $_GET['userData'] in an array SANITIZE : use in_array to check if $tainted is in the white list File : use of untrusted data in a double quoted event handler in a script
-
Unsafe sample input : get the $_GET['userData'] in an array SANITIZE : use in_array to check if $tainted is in the white list File : unsafe, use of untrusted data in the function setInterval
-
Unsafe sample input : get the $_GET['userData'] in an array SANITIZE : use in_array to check if $tainted is in the white list File : use of untrusted data in a property value (CSS)
-
Unsafe sample input : get the $_GET['userData'] in an array SANITIZE : use in_array to check if $tainted is in the white list File : use of untrusted data in a double quoted property value (CSS)
-
Unsafe sample input : get the $_GET['userData'] in an array SANITIZE : use in_array to check if $tainted is in the white list File : unsafe, use of untrusted data in a quoted property value (CSS)
-
Unsafe sample input : get the $_GET['userData'] in an array SANITIZE : use in_array to check if $tainted is in the white list File : unsafe, use of untrusted data in a property value in a span tag(CSS)
-
Unsafe sample input : get the $_GET['userData'] in an array SANITIZE : use of urlencode File : unsafe, use of untrusted data in a script
-
Unsafe sample input : get the $_GET['userData'] in an array SANITIZE : use of urlencode File : unsafe, use of untrusted data in a comment
-
Unsafe sample input : get the $_GET['userData'] in an array SANITIZE : use of urlencode File : unsafe, use of untrusted data in an attribute name
-
Unsafe sample input : get the $_GET['userData'] in an array SANITIZE : use of urlencode File : unsafe, use of untrusted data in an tag name
-
Unsafe sample input : get the $_GET['userData'] in an array SANITIZE : use of urlencode File : unsafe, use of untrusted data in CSS
-
Safe sample input : get the $_GET['userData'] in an array SANITIZE : use of urlencode File : use of untrusted data in the body
-
Safe sample input : get the $_GET['userData'] in an array SANITIZE : use of urlencode File : use of untrusted data in a div tag
-
Unsafe sample input : get the $_GET['userData'] in an array SANITIZE : use of urlencode File : use of untrusted data in a unquoted attribute
-
Safe sample input : get the $_GET['userData'] in an array SANITIZE : use of urlencode File : use of untrusted data in a simple quote attribute