<?xml version="1.0" encoding="UTF-8"?>
<!--
  Psalm baseline for taint-analysis findings. The psalm-version attribute on <files>
  records the Psalm release that wrote this file.

  Each <file> element names a source file; its children are Psalm taint issue types
  (TaintedFile, TaintedHtml, TaintedTextWithQuotes, TaintedHeader, TaintedSql,
  TaintedCallable), and each <code> element is the expression Psalm flagged, one
  element per baselined occurrence. While this baseline is in use, the listed
  occurrences are treated as known and do not fail the analysis.

  A baseline entry means "already known", not "verified safe". Nothing in this file
  records why a finding was accepted.
  NOTE(review): confirm each entry has been triaged, either as a false positive
  (value is escaped or validated before the sink) or as an accepted risk with an
  owner, and remove entries as the underlying code is fixed so the baseline only shrinks.
-->
<files psalm-version="5.8.0@9cf4f60a333f779ad3bc704a555920e81d4fdcda">
<!-- TaintedFile: tainted data reaches a filesystem sink. $filename is listed twice, i.e. two occurrences. -->
<file src="redaxo/src/addons/backup/lib/backup.php">
<TaintedFile>
<code>$filename</code>
<code>$filename</code>
</TaintedFile>
</file>
<file src="redaxo/src/addons/backup/lib/compressor.php">
<TaintedFile>
<code>$source</code>
</TaintedFile>
</file>
<!--
  Fragment templates. The same expressions appear under both TaintedHtml (value may
  carry markup) and TaintedTextWithQuotes (value may carry quote characters), the two
  issue types Psalm raises for tainted data reaching output.
  NOTE(review): whether these fragment variables are escaped by the caller before
  being assigned is not visible from this file; verify per fragment.
-->
<file src="redaxo/src/addons/structure/plugins/history/fragments/history/layer.php">
<TaintedHtml>
<code><![CDATA[$this->getVar('content1iframe')]]></code>
<code><![CDATA[$this->getVar('content1select')]]></code>
<code><![CDATA[$this->getVar('content2iframe')]]></code>
<code><![CDATA[$this->getVar('content2select')]]></code>
</TaintedHtml>
<TaintedTextWithQuotes>
<code><![CDATA[$this->getVar('content1iframe')]]></code>
<code><![CDATA[$this->getVar('content1select')]]></code>
<code><![CDATA[$this->getVar('content2iframe')]]></code>
<code><![CDATA[$this->getVar('content2select')]]></code>
</TaintedTextWithQuotes>
</file>
<file src="redaxo/src/core/fragments/core/fe_ooops.php">
<TaintedHtml>
<code><![CDATA[$this->getVar('content', '')]]></code>
</TaintedHtml>
<TaintedTextWithQuotes>
<code><![CDATA[$this->getVar('content', '')]]></code>
</TaintedTextWithQuotes>
</file>
<!--
  The flagged expression is a markup string built by concatenating $class, $id,
  $autofocus, $placeholder, $value and $clear into tag and attribute positions.
  NOTE(review): attribute context needs quote-safe escaping; confirm where each of
  these variables is escaped, since that code is outside this file.
-->
<file src="redaxo/src/core/fragments/core/form/search.php">
<TaintedHtml>
<code><![CDATA['<div class="'. $class . '"' . $id . '>
<span class="input-group-addon clear-button"><i class="rex-icon rex-icon-search"></i></span>
<input class="form-control" type="text"' . $autofocus . $placeholder . $value . '>
<span title="' . $clear . '" class="form-control-clear rex-icon rex-icon-clear form-control-feedback hidden"></span>
</div>']]></code>
</TaintedHtml>
<TaintedTextWithQuotes>
<code><![CDATA['<div class="'. $class . '"' . $id . '>
<span class="input-group-addon clear-button"><i class="rex-icon rex-icon-search"></i></span>
<input class="form-control" type="text"' . $autofocus . $placeholder . $value . '>
<span title="' . $clear . '" class="form-control-clear rex-icon rex-icon-clear form-control-feedback hidden"></span>
</div>']]></code>
</TaintedTextWithQuotes>
</file>
<file src="redaxo/src/core/fragments/core/page/docs.php">
<TaintedHtml>
<code><![CDATA[$this->getVar('content')]]></code>
<code><![CDATA[$this->getVar('sidebar')]]></code>
<code><![CDATA[$this->getVar('toc')]]></code>
</TaintedHtml>
<TaintedTextWithQuotes>
<code><![CDATA[$this->getVar('content')]]></code>
<code><![CDATA[$this->getVar('sidebar')]]></code>
<code><![CDATA[$this->getVar('toc')]]></code>
</TaintedTextWithQuotes>
</file>
<file src="redaxo/src/core/fragments/core/page/readme.php">
<TaintedHtml>
<code><![CDATA[$this->getVar('content')]]></code>
</TaintedHtml>
<TaintedTextWithQuotes>
<code><![CDATA[$this->getVar('content')]]></code>
</TaintedTextWithQuotes>
</file>
<!--
  TaintedHeader: tainted data reaches an HTTP header sink.
  NOTE(review): confirm CR/LF cannot reach these values (header injection); the
  sanitising code, if any, is not visible from this file.
-->
<file src="redaxo/src/core/lib/login/login.php">
<TaintedHeader>
<code>$rawHeader</code>
</TaintedHeader>
</file>
<file src="redaxo/src/core/lib/response.php">
<TaintedHeader>
<code>$str</code>
</TaintedHeader>
</file>
<!--
  TaintedSql: tainted data reaches a SQL sink as $query.
  NOTE(review): presumably the generic query entry point of the SQL wrapper, where
  callers are expected to bind parameters; confirm, because suppressing it here
  hides every tainted query string that flows through this one sink.
-->
<file src="redaxo/src/core/lib/sql/sql.php">
<TaintedSql>
<code>$query</code>
</TaintedSql>
</file>
<file src="redaxo/src/core/lib/util/file.php">
<TaintedFile>
<code>$file</code>
<code>$file</code>
</TaintedFile>
</file>
<!--
  TaintedCallable: tainted data is used where a callable is expected.
  NOTE(review): verify against socket.php whether $data can really select the
  function being called or whether this is a false positive.
-->
<file src="redaxo/src/core/lib/util/socket/socket.php">
<TaintedCallable>
<code>$data</code>
</TaintedCallable>
</file>
</files>