Deprecated test suite
Juliet Java 1.0 with extra support Test suite #69
DownloadDescription
This is a collection of test cases in the Java language. It contains examples for 106 different CWEs. NOTE: This package contains only individual test cases. We recommend to download the full test suite at the top of the "Test Suite" page. All documents related to the Juliet Test Suite can be found at the documents page
Displaying test cases 8251 - 8275 of 14184 in total
-
CWE: 565 Cookies used to make a security decision; in this case a cookie is used to tell whether someone has administrator privileges Sinks: cookieInSecurityDecisionServlet GoodSink: Uses isUserInRole() to authorize user BadSink : Uses the cookie to authorize user Flow Variant: 06 Control flo...
-
CWE: 565 Cookies used to make a security decision; in this case a cookie is used to tell whether someone has administrator privileges Sinks: cookieInSecurityDecisionServlet GoodSink: Uses isUserInRole() to authorize user BadSink : Uses the cookie to authorize user Flow Variant: 07 Control flo...
-
CWE: 565 Cookies used to make a security decision; in this case a cookie is used to tell whether someone has administrator privileges Sinks: cookieInSecurityDecisionServlet GoodSink: Uses isUserInRole() to authorize user BadSink : Uses the cookie to authorize user Flow Variant: 08 Control flo...
-
CWE: 565 Cookies used to make a security decision; in this case a cookie is used to tell whether someone has administrator privileges Sinks: cookieInSecurityDecisionServlet GoodSink: Uses isUserInRole() to authorize user BadSink : Uses the cookie to authorize user Flow Variant: 09 Control flo...
-
CWE: 565 Cookies used to make a security decision; in this case a cookie is used to tell whether someone has administrator privileges Sinks: cookieInSecurityDecisionServlet GoodSink: Uses isUserInRole() to authorize user BadSink : Uses the cookie to authorize user Flow Variant: 10 Control flo...
-
CWE: 565 Cookies used to make a security decision; in this case a cookie is used to tell whether someone has administrator privileges Sinks: cookieInSecurityDecisionServlet GoodSink: Uses isUserInRole() to authorize user BadSink : Uses the cookie to authorize user Flow Variant: 11 Control flo...
-
CWE: 565 Cookies used to make a security decision; in this case a cookie is used to tell whether someone has administrator privileges Sinks: cookieInSecurityDecisionServlet GoodSink: Uses isUserInRole() to authorize user BadSink : Uses the cookie to authorize user Flow Variant: 12 Control flo...
-
CWE: 565 Cookies used to make a security decision; in this case a cookie is used to tell whether someone has administrator privileges Sinks: cookieInSecurityDecisionServlet GoodSink: Uses isUserInRole() to authorize user BadSink : Uses the cookie to authorize user Flow Variant: 13 Control flo...
-
CWE: 565 Cookies used to make a security decision; in this case a cookie is used to tell whether someone has administrator privileges Sinks: cookieInSecurityDecisionServlet GoodSink: Uses isUserInRole() to authorize user BadSink : Uses the cookie to authorize user Flow Variant: 14 Control flo...
-
CWE: 565 Cookies used to make a security decision; in this case a cookie is used to tell whether someone has administrator privileges Sinks: cookieInSecurityDecisionServlet GoodSink: Uses isUserInRole() to authorize user BadSink : Uses the cookie to authorize user Flow Variant: 15 Control flo...
-
CWE: 565 Cookies used to make a security decision; in this case a cookie is used to tell whether someone has administrator privileges Sinks: cookieInSecurityDecisionServlet GoodSink: Uses isUserInRole() to authorize user BadSink : Uses the cookie to authorize user Flow Variant: 16 Control flo...
-
CWE: 565 Cookies used to make a security decision; in this case a cookie is used to tell whether someone has administrator privileges Sinks: cookieInSecurityDecisionServlet GoodSink: Uses isUserInRole() to authorize user BadSink : Uses the cookie to authorize user Flow Variant: 17 Control flo...
-
CWE: 565 Cookies used to make a security decision; in this case a cookie is used to tell whether someone has administrator privileges Sinks: cookieInSecurityDecisionServlet GoodSink: Uses isUserInRole() to authorize user BadSink : Uses the cookie to authorize user Flow Variant: 19 Control flo...
-
CWE: 566 Access through SQL primary BadSource: user id taken from url parameter GoodSource: hardcoded user id Sinks: writeConsole GoodSink: user permissions checked BadSink : user authorization not checked Flow Variant: 01 Baseline
-
CWE: 566 Access through SQL primary BadSource: user id taken from url parameter GoodSource: hardcoded user id Sinks: writeConsole GoodSink: user permissions checked BadSink : user authorization not checked Flow Variant: 02 Control flow: if(true) and if(false)
-
CWE: 566 Access through SQL primary BadSource: user id taken from url parameter GoodSource: hardcoded user id Sinks: writeConsole GoodSink: user permissions checked BadSink : user authorization not checked Flow Variant: 03 Control flow: if(5==5) and if(5!=5)
-
CWE: 566 Access through SQL primary BadSource: user id taken from url parameter GoodSource: hardcoded user id Sinks: writeConsole GoodSink: user permissions checked BadSink : user authorization not checked Flow Variant: 04 Control flow: if(private_final_t) and if(private_final_f)
-
CWE: 566 Access through SQL primary BadSource: user id taken from url parameter GoodSource: hardcoded user id Sinks: writeConsole GoodSink: user permissions checked BadSink : user authorization not checked Flow Variant: 05 Control flow: if(private_t) and if(private_f)
-
CWE: 566 Access through SQL primary BadSource: user id taken from url parameter GoodSource: hardcoded user id Sinks: writeConsole GoodSink: user permissions checked BadSink : user authorization not checked Flow Variant: 06 Control flow: if(private_final_five==5) and if(private_final_five!=5)
-
CWE: 566 Access through SQL primary BadSource: user id taken from url parameter GoodSource: hardcoded user id Sinks: writeConsole GoodSink: user permissions checked BadSink : user authorization not checked Flow Variant: 07 Control flow: if(private_five==5) and if(private_five!=5)
-
CWE: 566 Access through SQL primary BadSource: user id taken from url parameter GoodSource: hardcoded user id Sinks: writeConsole GoodSink: user permissions checked BadSink : user authorization not checked Flow Variant: 08 Control flow: if(private_returns_t()) and if(private_returns_f())
-
CWE: 566 Access through SQL primary BadSource: user id taken from url parameter GoodSource: hardcoded user id Sinks: writeConsole GoodSink: user permissions checked BadSink : user authorization not checked Flow Variant: 09 Control flow: if(IO.static_final_t) and if(IO.static_final_f)
-
CWE: 566 Access through SQL primary BadSource: user id taken from url parameter GoodSource: hardcoded user id Sinks: writeConsole GoodSink: user permissions checked BadSink : user authorization not checked Flow Variant: 10 Control flow: if(IO.static_t) and if(IO.static_f)
-
CWE: 566 Access through SQL primary BadSource: user id taken from url parameter GoodSource: hardcoded user id Sinks: writeConsole GoodSink: user permissions checked BadSink : user authorization not checked Flow Variant: 11 Control flow: if(IO.static_returns_t()) and if(IO.static_returns_f())
-
CWE: 566 Access through SQL primary BadSource: user id taken from url parameter GoodSource: hardcoded user id Sinks: writeConsole GoodSink: user permissions checked BadSink : user authorization not checked Flow Variant: 12 Control flow: if(IO.static_returns_t_or_f())