PHP Vulnerability Test Suite Test suite #103

Author: Bertrand C. Stivalet
Language: PHP
Size: 160 MB
Sha256sum: 3407473fc2cfa38eea9216b8a7f22559b656f20ba5f2eb3b6992010265780f8c
Number Of Test Cases: 42,212
Submission Date: 27 Oct 2015

Description

Bertrand C. Stivalet and Aurelien Delaitre designed the architecture and oversaw development of a test generator by Telecom Nancy students to create 42 212 test cases in PHP, covering the most common security weakness categories, including XSS, SQL injection, URL redirection, etc. See Bertrand Stivalet and Elizabeth Fong, "Large Scale Generation of Complex and Faulty PHP Test Cases," 2016 IEEE International Conference on Software Testing, Verification and Validation (ICST), Chicago, IL.

Displaying test cases 201 - 225 of 42212 in total

157219-v1.0.0

Added 9 years ago

candidate

good

Safe sample input : use proc_open to read /tmp/tainted.txt SANITIZE : use in_array to check if $tainted is in the white list construction : prepared query and right verification
157220-v1.0.0

Added 9 years ago

candidate

good

Safe sample input : use proc_open to read /tmp/tainted.txt SANITIZE : use in_array to check if $tainted is in the white list construction : concatenation and checks if the user is allowed to see this data
157221-v1.0.0

Added 9 years ago

candidate

good

Safe sample input : use proc_open to read /tmp/tainted.txt SANITIZE : uses of ESAPI, an OWASP API construction : interpretation with simple quote
157222-v1.0.0

Added 9 years ago

candidate

good

Safe sample input : use proc_open to read /tmp/tainted.txt SANITIZE : uses of ESAPI, an OWASP API construction : right verification
157223-v1.0.0

Added 9 years ago

candidate

good

Safe sample input : use proc_open to read /tmp/tainted.txt SANITIZE : uses of ESAPI, an OWASP API construction : prepared query and no right verification
157224-v1.0.0

Added 9 years ago

candidate

good

Safe sample input : use proc_open to read /tmp/tainted.txt SANITIZE : uses of ESAPI, an OWASP API construction : prepared query and right verification
157225-v1.0.0

Added 9 years ago

candidate

good

Safe sample input : use proc_open to read /tmp/tainted.txt SANITIZE : uses indirect reference construction : interpretation with simple quote
157226-v1.0.0

Added 9 years ago

candidate

good

Safe sample input : use proc_open to read /tmp/tainted.txt SANITIZE : uses indirect reference construction : right verification
157227-v1.0.0

Added 9 years ago

candidate

good

Safe sample input : use proc_open to read /tmp/tainted.txt SANITIZE : uses indirect reference construction : prepared query and no right verification
157228-v1.0.0

Added 9 years ago

candidate

good

Safe sample input : use proc_open to read /tmp/tainted.txt SANITIZE : uses indirect reference construction : prepared query and right verification
CWE-862

157229-v1.0.0

Added 9 years ago

candidate

bad

Unsafe sample input : get the UserData field of $_SESSION sanitize : cast into int construction : interpretation with simple quote
CWE-862

157230-v1.0.0

Added 9 years ago

candidate

bad

Unsafe sample input : get the UserData field of $_SESSION sanitize : cast into int construction : concatenation with simple quote
157231-v1.0.0

Added 9 years ago

candidate

good

Safe sample input : get the UserData field of $_SESSION sanitize : cast into int construction : right verification
CWE-862

157232-v1.0.0

Added 9 years ago

candidate

bad

Unsafe sample input : get the UserData field of $_SESSION sanitize : cast into int construction : prepared query and no right verification
157233-v1.0.0

Added 9 years ago

candidate

good

Safe sample input : get the UserData field of $_SESSION sanitize : cast into int construction : prepared query and right verification
157234-v1.0.0

Added 9 years ago

candidate

good

Safe sample input : get the UserData field of $_SESSION sanitize : cast into int construction : concatenation and checks if the user is allowed to see this data
CWE-862

157235-v1.0.0

Added 9 years ago

candidate

bad

Unsafe sample input : get the UserData field of $_SESSION sanitize : none construction : fopen
CWE-862

157236-v1.0.0

Added 9 years ago

candidate

bad

Unsafe sample input : get the UserData field of $_SESSION SANITIZE : use of preg_replace construction : fopen
157237-v1.0.0

Added 9 years ago

candidate

good

Safe sample input : get the UserData field of $_SESSION sanitize : use of ternary condition construction : interpretation with simple quote
157238-v1.0.0

Added 9 years ago

candidate

good

Safe sample input : get the UserData field of $_SESSION sanitize : use of ternary condition construction : concatenation with simple quote
157239-v1.0.0

Added 9 years ago

candidate

good

Safe sample input : get the UserData field of $_SESSION sanitize : use of ternary condition construction : fopen
157240-v1.0.0

Added 9 years ago

candidate

good

Safe sample input : get the UserData field of $_SESSION sanitize : use of ternary condition construction : right verification
157241-v1.0.0

Added 9 years ago

candidate

good

Safe sample input : get the UserData field of $_SESSION sanitize : use of ternary condition construction : prepared query and no right verification
157242-v1.0.0

Added 9 years ago

candidate

good

Safe sample input : get the UserData field of $_SESSION sanitize : use of ternary condition construction : prepared query and right verification
157243-v1.0.0

Added 9 years ago

candidate

good

Safe sample input : get the UserData field of $_SESSION sanitize : use of ternary condition construction : concatenation and checks if the user is allowed to see this data

Results per page