Statements (23)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf |
gptkb:Common_Weakness_Enumeration
|
| gptkbp:affects |
Databases
Web Applications |
| gptkbp:category |
gptkb:Injection
|
| gptkbp:cause |
gptkb:Privilege_Escalation
gptkb:Data_Breach gptkb:Authentication_Bypass Data Loss |
| gptkbp:describes |
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
|
| gptkbp:example |
SELECT * FROM users WHERE username = '$user' AND password = '$pass';
|
| gptkbp:firstPublished |
2006
|
| gptkbp:hasCWE |
89
|
| gptkbp:maintainedBy |
gptkb:MITRE_Corporation
|
| gptkbp:name |
gptkb:SQL_Injection
|
| gptkbp:prevention |
Stored Procedures
Input Validation Use of Prepared Statements |
| gptkbp:relatedTo |
gptkb:OWASP_Top_10
CWE-564 CWE-943 |
| gptkbp:bfsParent |
gptkb:CWE
|
| gptkbp:bfsLayer |
7
|
| https://www.w3.org/2000/01/rdf-schema#label |
CWE-89
|