{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,5,30]],"date-time":"2025-05-30T05:44:45Z","timestamp":1748583885259},"reference-count":24,"publisher":"IEEE","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2017,9]]},"DOI":"10.1109\/scam.2017.20","type":"proceedings-article","created":{"date-parts":[[2017,11,3]],"date-time":"2017-11-03T00:49:21Z","timestamp":1509670161000},"page":"159-164","source":"Crossref","is-referenced-by-count":6,"title":["Detecting Security Vulnerabilities in Object-Oriented PHP Programs"],"prefix":"10.1109","author":[{"given":"Mona","family":"Nashaat","sequence":"first","affiliation":[]},{"given":"Karim","family":"Ali","sequence":"additional","affiliation":[]},{"given":"James","family":"Miller","sequence":"additional","affiliation":[]}],"member":"263","reference":[{"key":"ref10","doi-asserted-by":"publisher","DOI":"10.1109\/SERVICES.2015.53"},{"key":"ref11","article-title":"Pixy: A Static Analysis Tool for Detecting Web Application Vulnerabilities (Technical Report)","author":"jovanovic","year":"2006","journal-title":"Secure Systems Lab Vienna University of Technologv"},{"journal-title":"Jflex - the fast scanner generator for java","year":"2009","author":"klein","key":"ref12"},{"key":"ref13","article-title":"CuP parser generator for java","author":"hudson","year":"0","journal-title":"Princeton University 1999"},{"key":"ref14","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2008.22"},{"key":"ref15","first-page":"127","article-title":"Graphviz and dynagraphstatic and dynamic graph drawing tools","author":"ellson","year":"2004","journal-title":"Graph Drawing Software"},{"key":"ref16","doi-asserted-by":"publisher","DOI":"10.1109\/COMPSACW.2011.26"},{"journal-title":"Automated security review of PHP web applications with static code analysis","year":"2010","author":"de poel","key":"ref17"},{"journal-title":"CLOC Count Lines of Code","year":"2009","author":"danial","key":"ref18"},{"journal-title":"Concrete","year":"2017","key":"ref19"},{"key":"ref4","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2014.23262"},{"key":"ref3","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2006.29"},{"key":"ref6","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-10431-7_24"},{"key":"ref5","doi-asserted-by":"publisher","DOI":"10.1109\/DSN.2015.16"},{"key":"ref8","first-page":"1","article-title":"Cross-Site Scripting (XSS) attacks and defense mechanisms: classification and state-of-the-art","author":"gupta","year":"2015","journal-title":"International Journal of System Assurance Engineering and Management"},{"key":"ref7","doi-asserted-by":"publisher","DOI":"10.1145\/1134744.1134751"},{"key":"ref2","doi-asserted-by":"publisher","DOI":"10.1016\/j.infsof.2015.08.002"},{"key":"ref1","article-title":"Towards Understanding the Value of False Positives in Static Code Analysis","author":"carlo","year":"2016","journal-title":"2016 Seventh Latin-American Symposium on Dependable Computing (LADC) LADC"},{"key":"ref9","doi-asserted-by":"publisher","DOI":"10.1109\/ICRAIE.2014.6909173"},{"journal-title":"XOOPS Web Application System","year":"2016","key":"ref20"},{"journal-title":"B2evolution","year":"2016","key":"ref22"},{"journal-title":"PhpNuke The first PHP CMS","year":"0","key":"ref21"},{"journal-title":"OWASP Mutillidae Web Pen-Test Practice Application","year":"2016","key":"ref24"},{"journal-title":"Magento","year":"2017","key":"ref23"}],"event":{"name":"2017 IEEE 17th International Working Conference on Source Code Analysis and Manipulation (SCAM)","start":{"date-parts":[[2017,9,17]]},"location":"Shanghai","end":{"date-parts":[[2017,9,18]]}},"container-title":["2017 IEEE 17th International Working Conference on Source Code Analysis and Manipulation (SCAM)"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/8089459\/8090123\/08090150.pdf?arnumber=8090150","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2020,2,4]],"date-time":"2020-02-04T07:07:21Z","timestamp":1580800041000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/8090150\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2017,9]]},"references-count":24,"URL":"https:\/\/doi.org\/10.1109\/scam.2017.20","relation":{},"subject":[],"published":{"date-parts":[[2017,9]]}}}