Juliet Java 1.3 with extra support Test suite #109

CWE: 90 LDAP Injection BadSource: getParameter_Servlet Read data from a querystring using getParameter() GoodSource: A hardcoded string Sinks: BadSink : data concatenated into LDAP search, which could result in LDAP Injection Flow Variant: 74 Data flow: data passed in a HashMap from one meth...

CWE: 90 LDAP Injection BadSource: getParameter_Servlet Read data from a querystring using getParameter() GoodSource: A hardcoded string Sinks: BadSink : data concatenated into LDAP search, which could result in LDAP Injection Flow Variant: 75 Data flow: data passed in a serialized object fro...

CWE: 90 LDAP Injection BadSource: getParameter_Servlet Read data from a querystring using getParameter() GoodSource: A hardcoded string Sinks: BadSink : data concatenated into LDAP search, which could result in LDAP Injection Flow Variant: 81 Data flow: data passed in a parameter to an abstr...

CWE: 90 LDAP Injection BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string BadSink: data concatenated into LDAP search, which could result in LDAP Injection Flow Variant: 01 Baseline

CWE: 90 LDAP Injection BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string BadSink: data concatenated into LDAP search, which could result in LDAP Injection Flow Variant: 02 Control flow: if(true) and if(f...

CWE: 90 LDAP Injection BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string BadSink: data concatenated into LDAP search, which could result in LDAP Injection Flow Variant: 03 Control flow: if(5==5) and if(5...

CWE: 90 LDAP Injection BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string BadSink: data concatenated into LDAP search, which could result in LDAP Injection Flow Variant: 04 Control flow: if(PRIVATE_STATIC...

CWE: 90 LDAP Injection BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string BadSink: data concatenated into LDAP search, which could result in LDAP Injection Flow Variant: 05 Control flow: if(privateTrue) a...

CWE: 90 LDAP Injection BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string BadSink: data concatenated into LDAP search, which could result in LDAP Injection Flow Variant: 06 Control flow: if(PRIVATE_STATIC...

CWE: 90 LDAP Injection BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string BadSink: data concatenated into LDAP search, which could result in LDAP Injection Flow Variant: 07 Control flow: if(privateFive==5...

CWE: 90 LDAP Injection BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string BadSink: data concatenated into LDAP search, which could result in LDAP Injection Flow Variant: 08 Control flow: if(privateReturns...

CWE: 90 LDAP Injection BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string BadSink: data concatenated into LDAP search, which could result in LDAP Injection Flow Variant: 09 Control flow: if(IO.STATIC_FINA...

CWE: 90 LDAP Injection BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string BadSink: data concatenated into LDAP search, which could result in LDAP Injection Flow Variant: 10 Control flow: if(IO.staticTrue)...

CWE: 90 LDAP Injection BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string BadSink: data concatenated into LDAP search, which could result in LDAP Injection Flow Variant: 11 Control flow: if(IO.staticRetur...

CWE: 90 LDAP Injection BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string BadSink: data concatenated into LDAP search, which could result in LDAP Injection Flow Variant: 12 Control flow: if(IO.staticRetur...

CWE: 90 LDAP Injection BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string BadSink: data concatenated into LDAP search, which could result in LDAP Injection Flow Variant: 13 Control flow: if(IO.STATIC_FINA...

CWE: 90 LDAP Injection BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string BadSink: data concatenated into LDAP search, which could result in LDAP Injection Flow Variant: 14 Control flow: if(IO.staticFive=...

CWE: 90 LDAP Injection BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string BadSink: data concatenated into LDAP search, which could result in LDAP Injection Flow Variant: 15 Control flow: switch(6)

CWE: 90 LDAP Injection BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string BadSink: data concatenated into LDAP search, which could result in LDAP Injection Flow Variant: 16 Control flow: while(true)

CWE: 90 LDAP Injection BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string BadSink: data concatenated into LDAP search, which could result in LDAP Injection Flow Variant: 17 Control flow: for loops

CWE: 90 LDAP Injection BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string Sinks: BadSink : data concatenated into LDAP search, which could result in LDAP Injection Flow Variant: 21 Control flow: Flow cont...

CWE: 90 LDAP Injection BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string Sinks: BadSink : data concatenated into LDAP search, which could result in LDAP Injection Flow Variant: 22 Control flow: Flow cont...

CWE: 90 LDAP Injection BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string Sinks: BadSink : data concatenated into LDAP search, which could result in LDAP Injection Flow Variant: 31 Data flow: make a copy ...

CWE: 90 LDAP Injection BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string BadSink: data concatenated into LDAP search, which could result in LDAP Injection Flow Variant: 41 Data flow: data passed as an ar...

CWE: 90 LDAP Injection BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string BadSink: data concatenated into LDAP search, which could result in LDAP Injection Flow Variant: 42 Data flow: data returned from o...