SAMATE Logo NIST Logo The SAMATE Project Department of Homeland Security

View/Download Test Cases

Test Suite #31: Web Applications in PHP

Results: 15 test cases.

Select Test Case ID(up) Submission Date Language Type of Artifact Status Description Weakness Bad
Good
Mixed
19512007-03-13PHPSource CodeCandidate The test case shows a PHP Include VUlnerability. The defense ...CWE-098: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')
Bad test case
19502007-03-13PHPSource CodeCandidate The test case exposes a PHP Include Vulnerability. The defense ...CWE-098: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')
Bad test case
19492007-03-13PHPSource CodeCandidate The test case shows a PHP Include Vulnerability. A defense mechanismuCWE-098: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')
Bad test case
19482007-03-13PHPSource CodeCandidate The test case shows a PHP File Inclusion vulnerability. The ...CWE-098: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')
Bad test case
19472007-03-13PHPSource CodeCandidate The test case shows a not so weak encryption practice. Here the ...CWE-326: Inadequate Encryption Strength
Bad test case
19462007-03-13PHPSource CodeCandidate The test case shows a weak encryption practice. Here the password issCWE-326: Inadequate Encryption Strength
Bad test case
19452007-03-13PHPSource CodeCandidate The test case shows a weak encryption practice. Here the password issCWE-326: Inadequate Encryption Strength
Bad test case
19442007-03-13PHPSource CodeCandidate The test case shows a weak encryption practice. Here the password issCWE-326: Inadequate Encryption Strength
Bad test case
19432007-03-13PHPSource CodeCandidate The test case shows a weak encryption practice. Here there is no ...CWE-326: Inadequate Encryption Strength
Bad test case
19422007-03-08PHPSource CodeCandidate The test case shows an SQL Injection in a PHP script. The ...CWE-089: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Bad test case
19412007-03-08PHPSource CodeCandidate The test case shows an SQL Injection. The defense mechanism is ...CWE-089: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Bad test case
19402007-03-08PHPSource CodeCandidate The test case shows an SQL Injection in a PHP script.CWE-089: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Bad test case
19392007-03-08PHPSource CodeCandidate The test case shows a basic Cross-Site Scripting in PHP. The ...CWE-079: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Bad test case
19382007-03-08PHPSource CodeCandidate The test case shows a basic Cross-Site Scripting in PHP. The ...CWE-079: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Bad test case
19372007-03-08PHPSource CodeCandidate The test case shows a basic Cross-Site Scripting in PHP. The ...CWE-079: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Bad test case