CAPEC Related Weakness
Command Line Execution through SQL Injection
CWE-20Improper Input Validation
CWE-74Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CWE-78Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CWE-89Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CWE-114Process Control
Object Relational Mapping Injection
CWE-20Improper Input Validation
CWE-89Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CWE-100
CWE-564SQL Injection: Hibernate
SQL Injection through SOAP Parameter Tampering
CWE-20Improper Input Validation
CWE-89Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Expanding Control over the Operating System from the Database
CWE-89Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CWE-250Execution with Unnecessary Privileges
SQL Injection
CWE-20Improper Input Validation
CWE-74Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CWE-89Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CWE-390Detection of Error Condition Without Action
CWE-697Insufficient Comparison
CWE-707Improper Enforcement of Message or Data Structure
CWE-713
Blind SQL Injection
CWE-20Improper Input Validation
CWE-74Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CWE-89Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CWE-209Information Exposure Through an Error Message
CWE-390Detection of Error Condition Without Action
CWE-697Insufficient Comparison
CWE-707Improper Enforcement of Message or Data Structure
CWE-713
Back to Top