{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,13]],"date-time":"2026-01-13T23:27:46Z","timestamp":1768346866181,"version":"3.49.0"},"reference-count":35,"publisher":"IEEE","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2013,5]]},"DOI":"10.1109\/icse.2013.6606611","type":"proceedings-article","created":{"date-parts":[[2013,10,1]],"date-time":"2013-10-01T14:38:03Z","timestamp":1380638283000},"page":"652-661","source":"Crossref","is-referenced-by-count":47,"title":["Path sensitive static analysis of web applications for remote code execution vulnerability detection"],"prefix":"10.1109","author":[{"given":"Yunhui","family":"Zheng","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Xiangyu","family":"Zhang","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"263","reference":[{"key":"19","doi-asserted-by":"publisher","DOI":"10.1145\/1858996.1859080"},{"key":"35","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE.2012.6227158"},{"key":"17","doi-asserted-by":"publisher","DOI":"10.1145\/1572272.1572305"},{"key":"18","doi-asserted-by":"publisher","DOI":"10.1145\/1134285.1134416"},{"key":"33","doi-asserted-by":"publisher","DOI":"10.1145\/1985793.1985828"},{"key":"15","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE.2003.1201187"},{"key":"34","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-22306-8_3"},{"key":"16","article-title":"Noncespaces: Using randomization to enforce information flow tracking and thwart cross-site scripting attacks","author":"gundy","year":"0","journal-title":"NDSS '09"},{"key":"13","article-title":"A tool for checking ANSI-C programs","author":"clarke","year":"0","journal-title":"TACAS'04"},{"key":"14","doi-asserted-by":"publisher","DOI":"10.1145\/512529.512538"},{"key":"11","doi-asserted-by":"publisher","DOI":"10.1145\/2046707.2046774"},{"key":"12","article-title":"Path feasibility analysis for string-manipulating programs","author":"bj\ufffdrner","year":"0","journal-title":"TACAS '09"},{"key":"21","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2009.33"},{"key":"20","doi-asserted-by":"publisher","DOI":"10.1145\/1572272.1572286"},{"key":"22","doi-asserted-by":"publisher","DOI":"10.1016\/0022-0000(78)90014-4"},{"key":"23","article-title":"Document structure integrity: A robust basis for cross-site scripting defense","author":"nadji","year":"0","journal-title":"NDSS '09"},{"key":"24","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE.2012.6227186"},{"key":"25","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2010.38"},{"key":"26","doi-asserted-by":"publisher","DOI":"10.1145\/2046707.2046776"},{"key":"27","article-title":"Static detection of access control vulnerabilities in web applications","author":"sun","year":"2011","journal-title":"Usenix Security"},{"key":"28","doi-asserted-by":"publisher","DOI":"10.1145\/2001420.2001441"},{"key":"29","doi-asserted-by":"publisher","DOI":"10.1145\/1542476.1542486"},{"key":"3","year":"0"},{"key":"2","year":"0"},{"key":"10","article-title":"Deursen Automated security testing of web widget interactions","author":"bezemer","year":"0","journal-title":"FSE'09"},{"key":"1","year":"0"},{"key":"30","doi-asserted-by":"publisher","DOI":"10.1145\/2103656.2103674"},{"key":"7","doi-asserted-by":"publisher","DOI":"10.1145\/1390630.1390662"},{"key":"6","doi-asserted-by":"publisher","DOI":"10.1109\/WPC.2004.1311054"},{"key":"32","doi-asserted-by":"publisher","DOI":"10.1145\/1232420.1232423"},{"key":"5","doi-asserted-by":"publisher","DOI":"10.1145\/2338965.2336760"},{"key":"31","doi-asserted-by":"publisher","DOI":"10.1145\/1250734.1250739"},{"key":"4","year":"0"},{"key":"9","doi-asserted-by":"publisher","DOI":"10.1145\/1772690.1772701"},{"key":"8","article-title":"Automated discovery of parameter pollution vulnerabilities in web applications","author":"balduzzi","year":"0","journal-title":"NDSS'10"}],"event":{"name":"2013 35th International Conference on Software Engineering (ICSE)","location":"San Francisco, CA, USA","start":{"date-parts":[[2013,5,18]]},"end":{"date-parts":[[2013,5,26]]}},"container-title":["2013 35th International Conference on Software Engineering (ICSE)"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/6596173\/6606539\/06606611.pdf?arnumber=6606611","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2017,3,22]],"date-time":"2017-03-22T22:10:25Z","timestamp":1490220625000},"score":1,"resource":{"primary":{"URL":"http:\/\/ieeexplore.ieee.org\/document\/6606611\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2013,5]]},"references-count":35,"URL":"https:\/\/doi.org\/10.1109\/icse.2013.6606611","relation":{},"subject":[],"published":{"date-parts":[[2013,5]]}}}