|
gptkbp:instanceOf
|
gptkb:Attack_technique
gptkb:Cybersecurity_vulnerability
|
|
gptkbp:affects
|
Databases
|
|
gptkbp:can_be_tested_with
|
gptkb:Burp_Suite
Manual testing
SQLMap
|
|
gptkbp:canBe
|
Privilege escalation
Bypassing authentication
Extracting sensitive data
|
|
gptkbp:cause
|
Unauthorized access
Data deletion
Data modification
Data leakage
|
|
gptkbp:detects
|
Security scanners
Web application firewalls
|
|
gptkbp:exploits
|
Improperly sanitized user input
|
|
gptkbp:firstDescribed
|
1998
|
|
gptkbp:heldBy
|
Common web vulnerability
|
|
gptkbp:listedOn
|
gptkb:OWASP_Top_10
|
|
gptkbp:prevention
|
Input validation
Stored procedures
ORM frameworks
Parameterized queries
|
|
gptkbp:relatedTo
|
gptkb:Cross-site_scripting
Command injection
|
|
gptkbp:riskFactor
|
Applications lacking input sanitization
Applications with dynamic SQL
Legacy applications
|
|
gptkbp:target
|
Web applications
|
|
gptkbp:bfsParent
|
gptkb:CWE-89_(SQL_Injection)
gptkb:A03:2021_–_Injection
gptkb:FindSecBugs
gptkb:AppScan_SAST
gptkb:CWE-89
gptkb:Cross-Site_Scripting
gptkb:CVE-2023-35036
|
|
gptkbp:bfsLayer
|
8
|
|
https://www.w3.org/2000/01/rdf-schema#label
|
SQL Injection
|