How to trigger warnings for these? Sql injection, stack trace, and hard coded passwords


Does anyone know whether any of these can trigger a warning in Fortify on Demand? I'm trying to figure which tool is better for me to use, these are just simple codes that I found helpful to do a quick test.

1) SQL injection

dbConnection = Utilities.getDBConnection();

sqlStatement= dbConnection.createStatement();

String query = "insert into users (status) values ('updated') where name='" data "'";

sqlStatement= dbConnection.createStatement();

Boolean result = sqlStatement.execute(query);

2) StackTrace

} catch (Exception e) {



3) Hard coded constants for db connection

return DriverManager.getConnection("jdbc:mysql://localhost/dbName", MYSQL_USERNAME, MYSQL_PASSWORD);