PHP Vulnerability Test Suite Test suite #103
DownloadDescription
Bertrand C. Stivalet and Aurelien Delaitre designed the architecture and oversaw development of a test generator by Telecom Nancy students to create 42 212 test cases in PHP, covering the most common security weakness categories, including XSS, SQL injection, URL redirection, etc. See Bertrand Stivalet and Elizabeth Fong, "Large Scale Generation of Complex and Faulty PHP Test Cases," 2016 IEEE International Conference on Software Testing, Verification and Validation (ICST), Chicago, IL.
Displaying test cases 2301 - 2325 of 42212 in total
-
Safe sample input : use exec to execute the script /tmp/tainted.php and store the output in $tainted sanitize : check if there is only letters and/or numbers construction : use of sprintf via a %s with simple quote
-
Unsafe sample input : use exec to execute the script /tmp/tainted.php and store the output in $tainted sanitize : regular expression accepts everything construction : concatenation with simple quote
-
Unsafe sample input : use exec to execute the script /tmp/tainted.php and store the output in $tainted sanitize : regular expression accepts everything construction : concatenation with simple quote
-
Unsafe sample input : use exec to execute the script /tmp/tainted.php and store the output in $tainted sanitize : regular expression accepts everything construction : interpretation with simple quote
-
Unsafe sample input : use exec to execute the script /tmp/tainted.php and store the output in $tainted sanitize : regular expression accepts everything construction : interpretation with simple quote
-
Unsafe sample input : use exec to execute the script /tmp/tainted.php and store the output in $tainted sanitize : regular expression accepts everything construction : use of sprintf via a %s with simple quote
-
Unsafe sample input : use exec to execute the script /tmp/tainted.php and store the output in $tainted sanitize : regular expression accepts everything construction : use of sprintf via a %s with simple quote
-
Unsafe sample input : use exec to execute the script /tmp/tainted.php and store the output in $tainted sanitize : regular expression accepts everything construction : concatenation with simple quote
-
Unsafe sample input : use exec to execute the script /tmp/tainted.php and store the output in $tainted sanitize : regular expression accepts everything construction : interpretation with simple quote
-
Unsafe sample input : use exec to execute the script /tmp/tainted.php and store the output in $tainted sanitize : regular expression accepts everything construction : use of sprintf via a %s with simple quote
-
Unsafe sample input : use exec to execute the script /tmp/tainted.php and store the output in $tainted sanitize : regular expression accepts everything construction : concatenation with simple quote
-
Unsafe sample input : use exec to execute the script /tmp/tainted.php and store the output in $tainted sanitize : regular expression accepts everything construction : interpretation with simple quote
-
Unsafe sample input : use exec to execute the script /tmp/tainted.php and store the output in $tainted sanitize : regular expression accepts everything construction : use of sprintf via a %s with simple quote
-
Unsafe sample input : use exec to execute the script /tmp/tainted.php and store the output in $tainted sanitize : regular expression accepts everything construction : concatenation with simple quote
-
Unsafe sample input : use exec to execute the script /tmp/tainted.php and store the output in $tainted sanitize : regular expression accepts everything construction : interpretation with simple quote
-
Unsafe sample input : use exec to execute the script /tmp/tainted.php and store the output in $tainted sanitize : regular expression accepts everything construction : use of sprintf via a %s with simple quote
-
Unsafe sample input : use exec to execute the script /tmp/tainted.php and store the output in $tainted sanitize : regular expression accepts everything construction : concatenation with simple quote
-
Unsafe sample input : use exec to execute the script /tmp/tainted.php and store the output in $tainted sanitize : regular expression accepts everything construction : interpretation with simple quote
-
Unsafe sample input : use exec to execute the script /tmp/tainted.php and store the output in $tainted sanitize : regular expression accepts everything construction : use of sprintf via a %s with simple quote
-
Unsafe sample input : use exec to execute the script /tmp/tainted.php and store the output in $tainted sanitize : regular expression accepts everything construction : concatenation with simple quote
-
Unsafe sample input : use exec to execute the script /tmp/tainted.php and store the output in $tainted sanitize : regular expression accepts everything construction : interpretation with simple quote
-
Unsafe sample input : use exec to execute the script /tmp/tainted.php and store the output in $tainted sanitize : regular expression accepts everything construction : use of sprintf via a %s with simple quote
-
Unsafe sample input : use exec to execute the script /tmp/tainted.php and store the output in $tainted sanitize : regular expression accepts everything construction : concatenation with simple quote
-
Unsafe sample input : use exec to execute the script /tmp/tainted.php and store the output in $tainted sanitize : regular expression accepts everything construction : interpretation with simple quote
-
Unsafe sample input : use exec to execute the script /tmp/tainted.php and store the output in $tainted sanitize : regular expression accepts everything construction : use of sprintf via a %s with simple quote