CAPEC Related Weakness
SQL Injection
CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CWE-1286 Improper Validation of Syntactic Correctness of Input
Blind SQL Injection
CWE-20 Improper Input Validation
CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CWE-209 Generation of Error Message Containing Sensitive Information
CWE-697 Incorrect Comparison
CWE-707 Improper Neutralization
CWE-713 OWASP Top Ten 2007 Category A2 - Injection Flaws
Expanding Control over the Operating System from the Database
CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CWE-250 Execution with Unnecessary Privileges
Command Line Execution through SQL Injection
CWE-20 Improper Input Validation
CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CWE-114 Process Control
Object Relational Mapping Injection
CWE-20 Improper Input Validation
CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CWE-100
CWE-564 SQL Injection: Hibernate
SQL Injection through SOAP Parameter Tampering
CWE-20 Improper Input Validation
CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')