CWE-89 (SQL Injection)

GPTKB entity

Statements (20)
Predicate Object
gptkbp:instanceOf gptkb:security
gptkbp:affects web applications
database-driven applications
gptkbp:category Improper Neutralization of Special Elements used in an SQL Command
gptkbp:cause data breach
data loss
privilege escalation
unauthorized data access
gptkbp:describedBy gptkb:Common_Weakness_Enumeration
https://www.w3.org/2000/01/rdf-schema#label CWE-89 (SQL Injection)
gptkbp:name gptkb:SQL_Injection
gptkbp:prevention input validation
stored procedures
least privilege principle
parameterized queries
gptkbp:relatedTo gptkb:OWASP_Top_10
CWE-564 (SQL Injection: Hibernate)
gptkbp:vulnerableTo gptkb:CWE-89
gptkbp:bfsParent gptkb:Common_Weakness_Enumeration_(CWE)
gptkbp:bfsLayer 7