SAMATE Logo NIST Logo The SAMATE Project Department of Homeland Security
Downloads:  Download this Test Case #2165

Back to the previous page... Back to the previous page

Test Case IDAccepted2165
Bad / Good / MixedGoodGood test case
AuthorCharline Cleraux
Associations
Test suite: 64  
Added byCharline Cleraux
LanguageJava
Type of test caseSource Code
Input stringname
Expected Output
Instructions
Submission date2010-02-02
DescriptionThis servlet implements a fixed SQL injection vulnerability with an array index complexity: a SQL request is sent to the database after testing if the current name takes part of the allowed ones.
File(s)
Flaw

There are no comments
Have any comments on this test case? Please, .

File Contains:
CWE-089: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') on line(s): 0, 78, 97, 99