SARD Home
Browse
Search
Resources
Test Suites
View/Download Test Cases
Downloads:
Test Suite #98: openfire-3.6.0
Created by:
SAMATE Team Staff on 2014-08-01
Size:
12 test cases
Description:
Real time collaboration server that uses XMPP (Jabber). Contains CVEs.
Results:
12 test cases.
Select
Test Case ID
Submission Date
Language
Type of Artifact
Status
Description
Weakness
Bad
Good
Mixed
149024
2014-08-01
Java
Source Code
openfire-3.6.0
CWE-022: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CWE-079: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CWE-089: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CWE-862: Missing Authorization
149023
2014-08-01
Java
Source Code
CVE-2008-6508
CWE-022: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
149022
2014-08-01
Java
Source Code
CVE-2009-0496 (6)
CWE-079: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
149021
2014-08-01
Java
Source Code
CVE-2009-0496 (5)
CWE-079: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
149020
2014-08-01
Java
Source Code
CVE-2009-0496 (4)
CWE-079: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
149019
2014-08-01
Java
Source Code
CVE-2009-0496 (3)
CWE-079: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
149018
2014-08-01
Java
Source Code
CVE-2009-0496 (2)
CWE-079: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
149017
2014-08-01
Java
Source Code
CVE-2009-0496 (1)
CWE-079: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
149016
2014-08-01
Java
Source Code
CVE-2006-7233
CWE-079: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
149015
2014-08-01
Java
Source Code
CVE-2009-0497
CWE-022: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
149014
2014-08-01
Java
Source Code
CVE-2008-6509
CWE-089: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
149013
2014-08-01
Java
Source Code
CVE-2009-1596
CWE-862: Missing Authorization