Downloads:
Back to the previous page
| Test Case ID |  1796 |
| Bad / Good / Mixed | Bad |
| Author | |
| Associations | Good pair: 1797 Replaced by: 149095 |
| Added by | Romain Gaucher |
| Language | C |
| Type of test case | Source Code |
| Input string | \' OR 1=1 -- |
| Expected Output | |
| Instructions | |
| Submission date | 2007-01-11 |
| Description | The SQL Injection is possible because the arguments are not validated before the MySQL query. |
| File(s) |
|
| Flaw |
There is 1 comment
Have any comments on this test case? Please,
.
File Contains:
CWE-089: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') on line(s): 52, 53
CWE-089: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') on line(s): 52, 53