CAPEC Related Weakness
Command Line Execution through SQL Injection
CWE-20Improper Input Validation
CWE-74Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CWE-78Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CWE-89Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CWE-114Process Control
Object Relational Mapping Injection
CWE-20Improper Input Validation
CWE-89Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CWE-100DEPRECATED: Technology-Specific Input Validation Problems
CWE-564SQL Injection: Hibernate
SQL Injection through SOAP Parameter Tampering
CWE-20Improper Input Validation
CWE-89Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Expanding Control over the Operating System from the Database
CWE-89Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CWE-250Execution with Unnecessary Privileges
SQL Injection
CWE-20Improper Input Validation
CWE-74Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CWE-89Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CWE-390Detection of Error Condition Without Action
CWE-697Incorrect Comparison
CWE-707Improper Enforcement of Message or Data Structure
CWE-713OWASP Top Ten 2007 Category A2 - Injection Flaws
Blind SQL Injection
CWE-20Improper Input Validation
CWE-74Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CWE-89Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CWE-209Information Exposure Through an Error Message
CWE-390Detection of Error Condition Without Action
CWE-697Incorrect Comparison
CWE-707Improper Enforcement of Message or Data Structure
CWE-713OWASP Top Ten 2007 Category A2 - Injection Flaws
Back to Top