CAPEC Related Weakness
Cross Zone Scripting
CWE-20Improper Input Validation
CWE-116Improper Encoding or Escaping of Output
CWE-250Execution with Unnecessary Privileges
CWE-285Improper Authorization
CWE-638Not Using Complete Mediation
Expanding Control over the Operating System from the Database
CWE-89Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CWE-250Execution with Unnecessary Privileges
Target Programs with Elevated Privileges
CWE-15External Control of System or Configuration Setting
CWE-250Execution with Unnecessary Privileges
CWE-264
Back to Top