Statements (20)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf |
gptkb:security
|
| gptkbp:affects |
web applications
database-driven applications |
| gptkbp:category |
Improper Neutralization of Special Elements used in an SQL Command
|
| gptkbp:cause |
data breach
data loss privilege escalation unauthorized data access |
| gptkbp:describedBy |
gptkb:Common_Weakness_Enumeration
|
| https://www.w3.org/2000/01/rdf-schema#label |
CWE-89 (SQL Injection)
|
| gptkbp:name |
gptkb:SQL_Injection
|
| gptkbp:prevention |
input validation
stored procedures least privilege principle parameterized queries |
| gptkbp:relatedTo |
gptkb:OWASP_Top_10
CWE-564 (SQL Injection: Hibernate) |
| gptkbp:vulnerableTo |
gptkb:CWE-89
|
| gptkbp:bfsParent |
gptkb:Common_Weakness_Enumeration_(CWE)
|
| gptkbp:bfsLayer |
7
|