Vulny-Code-Static-Analysis/vulns/xss.php

<html>
		<?php
			if (isset($_POST['mail'])){
				$mail = $_POST['mail'];
				print("<p>The mail ".$mail." has been registered in our database.</p>");
			}
			else{
				echo "<p>The mail ".$_GET['mail']." has been registered in our database.</p>";
			}
		?>
</html>
Initial commit - Old version + Test files 2017-05-14 21:10:03 +00:00			`<html>`
			`<?php`
			`if (isset($_POST['mail'])){`
			`$mail = $_POST['mail'];`
FEATURE - XSS detection with print 2017-05-28 21:23:07 +00:00			`print("<p>The mail ".$mail." has been registered in our database.</p>");`
Initial commit - Old version + Test files 2017-05-14 21:10:03 +00:00			`}`
Bugfix - Constant var not vuln +$_XXX vuln display 2017-05-25 13:54:35 +00:00			`else{`
			`echo "<p>The mail ".$_GET['mail']." has been registered in our database.</p>";`
			`}`
Initial commit - Old version + Test files 2017-05-14 21:10:03 +00:00			`?>`
			`</html>`