Apache Lenya 2.0.4 Test suite #13
DownloadDescription
This test case takes a value and attempts to convert it to
upper case. If the value contains anything other than a-zA-Z,
then an exception is thrown, but not caught.
Metadata
- Base program: Apache Lenya
- Source Taint: SOCKET
- Data Type: ARRAY
- Data Flow: ADDRESS_AS_FUNCTION_RETURN_VALUE
- Control Flow: INDIRECTLY_RECURSIVE
Displaying test cases 326 - 350 of 477 in total
-
This test takes in data from an argument, that is intended to contain parameters for an 'ls' command. The test does not perform checks for special characters, however, and it is possible to include other, unexpected commands as part of the ls parameter set. Metadata - Base program: Apache Len...
-
This test takes in data from an argument, that is intended to contain parameters for an 'find' command. The test does not perform checks on the parameters, however, and it is possible to include other, unexpected commands as part of the find parameter set. Metadata - Base program: Apache Leny...
-
Using Hibernate to execute a dynamic SQL statement with built-in user-controlled input can allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands. Metadata -Base program: Apache Lenya - Source Taint: SOCKET - Data Type: array - Data Flow: address_as_function_ret...
-
This test takes in data from an argument, that is intended to contain parameters for an 'ls' command. The test does not perform checks for special characters, however, and it is possible to include other, unexpected commands as part of the ls parameter set. Metadata -Base program: Apache Lenya ...
-
This test creates a connection to the MySQL database, and creates a query string based on data in an array passed by arguments. This data is not checked for special elements, however, and it is possible to construct a query string that performs unexpected data retrievals or modifications. Met...
-
This test creates a connection to the MySQL database, and creates a query string based on data in an array passed by arguments. This data is not checked for special elements, however, and it is possible to construct a query string that performs unexpected data retrievals or modifications. Met...
-
This test creates a connection to the PGSQL database, and creates a query string based on data in an environment variable. This data is not checked for special elements, however, and it is possible to construct a query string that performs unexpected data retrievals or modifications. Metadata...
-
Using Hibernate to execute a dynamic SQL statement with built-in user-controlled input can allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands. Metadata -Base program: Apache Lenya - Source Taint: SOCKET - Data Type: array - Data Flow: var_arg_list - Control ...
-
This test creates a connection to the MySQL database, and creates a query string based on data in an array passed by arguments. This data is not checked for special elements, however, and it is possible to construct a query string that performs unexpected data retrievals or modifications. Met...
-
This test creates a connection to the PGSQL database, and creates a query string based on data in an environment variable. This data is not checked for special elements, however, and it is possible to construct a query string that performs unexpected data retrievals or modifications. Metadata...
-
Using Hibernate to execute a dynamic SQL statement with built-in user-controlled input can allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands. Metadata -Base program: Apache Lenya - Source Taint: FILE_CONTENTS - Data Type: void_pointer - Data Flow: var_arg_l...
-
Using Hibernate to execute a dynamic SQL statement with built-in user-controlled input can allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands. Metadata -Base program: Apache Lenya - Source Taint: FILE_CONTENTS - Data Type: simple - Data Flow: address_as_func...
-
Using Hibernate to execute a dynamic SQL statement with built-in user-controlled input can allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands. Metadata -Base program: Apache Lenya - Source Taint: SOCKET - Data Type: void_pointer - Data Flow: java_generics - ...
-
This test creates a connection to the MySQL database, and creates a query string based on data in an array passed by arguments. This data is not checked for special elements, however, and it is possible to construct a query string that performs unexpected data retrievals or modifications. Met...
-
This test takes in data from an argument, that is intended to contain parameters for an 'ls' command. The test does not perform checks for special characters, however, and it is possible to include other, unexpected commands as part of the ls parameter set. Metadata - Base program: Apache Len...
-
This test creates a connection to the MySQL database, and creates a query string based on data in an array passed by arguments. This data is not checked for special elements, however, and it is possible to construct a query string that performs unexpected data retrievals or modifications. Met...
-
This test takes in data from an argument, that is intended to contain parameters for an 'find' command. The test does not perform checks on the parameters, however, and it is possible to include other, unexpected commands as part of the find parameter set. Metadata - Base program: Apache Leny...
-
This test creates a connection to the PGSQL database, and creates a query string based on data in an environment variable. This data is not checked for special elements, however, and it is possible to construct a query string that performs unexpected data retrievals or modifications. Metadata...
-
This test takes in data from an argument, that is intended to contain parameters for an 'find' command. The test does not perform checks on the parameters, however, and it is possible to include other, unexpected commands as part of the find parameter set. Metadata -Base program: Apache Lenya - ...
-
This test takes in data from an argument, that is intended to contain parameters for an 'find' command. The test does not perform checks on the parameters, however, and it is possible to include other, unexpected commands as part of the find parameter set. Metadata - Base program: Apache Leny...
-
This test takes in data from an argument, that is intended to contain parameters for an 'ls' command. The test does not perform checks for special characters, however, and it is possible to include other, unexpected commands as part of the ls parameter set. Metadata -Base program: Apache Lenya ...
-
This test creates a connection to the MySQL database, and creates a query string based on data in an array passed by arguments. This data is not checked for special elements, however, and it is possible to construct a query string that performs unexpected data retrievals or modifications. Met...
-
This test creates a connection to the PGSQL database, and creates a query string based on data in an environment variable. This data is not checked for special elements, however, and it is possible to construct a query string that performs unexpected data retrievals or modifications. Metadata...
-
Using Hibernate to execute a dynamic SQL statement with built-in user-controlled input can allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands. Metadata -Base program: Apache Lenya - Source Taint: SOCKET - Data Type: void_pointer - Data Flow: basic - Control ...
-
This test takes in data from an argument, that is intended to contain parameters for an 'ls' command. The test does not perform checks for special characters, however, and it is possible to include other, unexpected commands as part of the ls parameter set. Metadata -Base program: Apache Lenya ...