Page History

...

Tool	Version	Checker	Description
Coverity	17.05	SQLI FB.SQL_PREPARED_STATEMENT_GENERATED_ FB.SQL_NONCONSTANT_STRING_PASSED_TO_EXECUTE	Implemented
Findbugs	1.0	SQL_NONCONSTANT_STRING_PASSED_TO_EXECUTE	Implemented
Fortify	1.0	HTTP_Response_Splitting Missing_XML_Validation SQL_Injection__Persistence SQL_Injection	Implemented
Klocwork		SV.DATA.BOUND SV.DATA.DB SV.HTTP_SPLIT SV.PATH SV.PATH.INJ SV.SQL	Implemented

...

CERT C Coding Standard	STR02-C. Sanitize data passed to complex subsystems
CERT C++ Secure Coding Standard	STR02-CPP. Sanitize data passed to complex subsystems
CERT Perl Secure Coding Standard	IDS33-PL. Sanitize untrusted data passed across a trust boundary
ISO/IEC TR 24772:2013	Injection [RST]
MITRE CWE	CWE-116, Improper encoding or escaping of output

...

Space shortcuts