CWE-89

URI: https://gptkb.org/entity/CWE-89

GPTKB entity

Predicate	Object
gptkbp:instanceOf	gptkb:Common_Weakness_Enumeration
gptkbp:affects	Databases Web Applications
gptkbp:category	gptkb:Injection
gptkbp:cause	gptkb:Privilege_Escalation gptkb:Data_Breach gptkb:Authentication_Bypass Data Loss
gptkbp:describes	Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
gptkbp:example	SELECT * FROM users WHERE username = '$user' AND password = '$pass';
gptkbp:firstPublished	2006
gptkbp:hasCWE	89
https://www.w3.org/2000/01/rdf-schema#label	CWE-89
gptkbp:maintainedBy	gptkb:MITRE_Corporation
gptkbp:name	gptkb:SQL_Injection
gptkbp:prevention	Stored Procedures Input Validation Use of Prepared Statements
gptkbp:relatedTo	gptkb:OWASP_Top_10 CWE-564 CWE-943
gptkbp:bfsParent	gptkb:CWE gptkb:CVE-2023-34362
gptkbp:bfsLayer	7