pyt/vulnerability_definitions/all_trigger_words.pyt
{
"sources": [
"request.args.get(",
"request.get_json(",
"Markup(",
"POST.get(",
"GET.get(",
"META.get(",
"POST[",
"GET[",
"META[",
"FILES[",
".data",
"form[",
"form(",
"mark_safe(",
"cookies[",
"files[",
"SQLAlchemy"
],
"sinks": {
"replace(": {
"sanitisers": [
"escape"
]
},
"send_file(": {
"sanitisers": [
"'..'",
"'..' in"
]
},
"commands.getoutput(": {},
"commands.getstatusoutput(": {},
"eval(": {},
"exec(": {},
"execute(": {},
"filter(": {},
"flash(": {},
"jsonify(": {},
"os.execl(": {},
"os.execle(": {},
"os.execlp(": {},
"os.execlpe(": {},
"os.execv(": {},
"os.execve(": {},
"os.execvp(": {},
"os.execvpe(": {},
"os.popen(": {},
"os.popen2(": {},
"os.popen3(": {},
"os.popen4(": {},
"os.spawnl(": {},
"os.spawnle(": {},
"os.spawnlp(": {},
"os.spawnlpe(": {},
"os.spawnv(": {},
"os.spawnve(": {},
"os.spawnvp(": {},
"os.spawnvpe(": {},
"os.startfile(": {},
"os.system(": {},
"popen2.Popen3(": {},
"popen2.Popen4(": {},
"popen2.popen2(": {},
"popen2.popen3(": {},
"popen2.popen4(": {},
"redirect(": {},
"render(": {},
"render_template(": {},
"render_to_response(": {},
"set_cookie(": {},
"subprocess.Popen(": {},
"subprocess.call(": {},
"subprocess.check_call(": {},
"subprocess.check_output(": {},
"subprocess.run(": {},
"url_for(": {}
}
}