Sensitive Sink
Static analysis for PHP
A sensitive sink is every construct/function that can cause a vulnerability when it is given TaintedData as a parameter.
The following constructs are listed as a SensitiveSink:
- die
- echo
- exit
- `` (backticks)
- eval
- include
- include_once
- require
- require_once
-- EricBouwers - 29 Dec 2006