View/Download Test Cases

Test Suite #103: PHP Vulnerability Test Suite

Created by: Bertrand C. Stivalet on 2015-10-28
Size: 42212 test cases
Description: Bertrand C. Stivalet and Aurelien Delaitre designed the architecture and oversaw development of a test generator by Telecom Nancy students to create 42 212 test cases in PHP, covering the most common security weakness categories, including XSS, SQL injection, URL redirection, etc. See Bertrand Stivalet and Elizabeth Fong, "Large Scale Generation of Complex and Faulty PHP Test Cases," 2016 IEEE International Conference on Software Testing, Verification and Validation (ICST), Chicago, IL.

To view a specific test case, click on ID of the test case (second column)
To download specific test cases, select them then click on "Download selected test cases " icon at the top right of the page

Results: 42212 test cases in 2111 pages. Pages: 1 2 3 4 5 ... >> Last
Go to page:

Select	Test Case ID	Submission Date	Language	Type of Artifact	Status	Description	Weakness	Bad Good Mixed
	199230	2015-10-20	PHP	Source Code		Unsafe sample. sanitize : none. construction : try_catch.	CWE-209: Information Exposure Through an Error Message
	199229	2015-10-20	PHP	Source Code		Safe sample. sanitize : none. construction : try_catch.	CWE-209: Information Exposure Through an Error Message
	199228	2015-10-20	PHP	Source Code		Safe sample. sanitize : none. construction : fopen with condition.	CWE-209: Information Exposure Through an Error Message
	199227	2015-10-20	PHP	Source Code		Unsafe sample. sanitize : none. construction : fopen.	CWE-209: Information Exposure Through an Error Message
	199226	2015-10-20	PHP	Source Code		Unsafe sample. sanitize : error_reporting(0). construction : ...	CWE-209: Information Exposure Through an Error Message
	199225	2015-10-20	PHP	Source Code		Safe sample. sanitize : error_reporting(0). construction : try_catch	CWE-209: Information Exposure Through an Error Message
	199224	2015-10-20	PHP	Source Code		Safe sample. sanitize : error_reporting(0). construction : fopen ...	CWE-209: Information Exposure Through an Error Message
	199223	2015-10-20	PHP	Source Code		Safe sample. sanitize : error_reporting(0). construction : fopen.	CWE-209: Information Exposure Through an Error Message
	199222	2015-10-20	PHP	Source Code		Unsafe sample. input : get the $_GET['userData'] in an ...	CWE-079: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
	199221	2015-10-20	PHP	Source Code		Unsafe sample. input : get the $_GET['userData'] in an ...	CWE-079: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
	199220	2015-10-20	PHP	Source Code		Unsafe sample. input : get the $_GET['userData'] in an ...	CWE-079: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
	199219	2015-10-20	PHP	Source Code		Unsafe sample. input : get the $_GET['userData'] in an ...	CWE-079: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
	199218	2015-10-20	PHP	Source Code		Unsafe sample. input : get the $_GET['userData'] in an ...	CWE-079: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
	199217	2015-10-20	PHP	Source Code		Safe sample. input : get the $_GET['userData'] in an array	CWE-079: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
	199216	2015-10-20	PHP	Source Code		Safe sample. input : get the $_GET['userData'] in an array	CWE-079: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
	199215	2015-10-20	PHP	Source Code		Safe sample. input : get the $_GET['userData'] in an array	CWE-079: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
	199214	2015-10-20	PHP	Source Code		Safe sample. input : get the $_GET['userData'] in an array	CWE-079: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
	199213	2015-10-20	PHP	Source Code		Safe sample. input : get the $_GET['userData'] in an array	CWE-079: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
	199212	2015-10-20	PHP	Source Code		Safe sample. input : get the $_GET['userData'] in an array	CWE-079: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
	199211	2015-10-20	PHP	Source Code		Safe sample. input : get the $_GET['userData'] in an array	CWE-079: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

1 2 3 4 5 ... >> Last
Total of selected test cases: 42212