| SQL Injection |
|
CWE-89
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
|
|
CWE-1286
|
Improper Validation of Syntactic Correctness of Input
|
|
| Blind SQL Injection |
|
CWE-20
|
Improper Input Validation
|
|
CWE-74
|
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
|
|
CWE-89
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
|
|
CWE-209
|
Generation of Error Message Containing Sensitive Information
|
|
CWE-697
|
Incorrect Comparison
|
|
CWE-707
|
Improper Neutralization
|
|
CWE-713
|
OWASP Top Ten 2007 Category A2 - Injection Flaws
|
|
| Expanding Control over the Operating System from the Database |
|
CWE-89
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
|
|
CWE-250
|
Execution with Unnecessary Privileges
|
|
| Command Line Execution through SQL Injection |
|
CWE-20
|
Improper Input Validation
|
|
CWE-74
|
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
|
|
CWE-78
|
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
|
|
CWE-89
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
|
|
CWE-114
|
Process Control
|
|
| Object Relational Mapping Injection |
|
CWE-20
|
Improper Input Validation
|
|
CWE-89
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
|
|
CWE-100
|
|
|
CWE-564
|
SQL Injection: Hibernate
|
|
| SQL Injection through SOAP Parameter Tampering |
|
CWE-20
|
Improper Input Validation
|
|
CWE-89
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
|
|