SQL Injection via Untrusted Input
Description
Untrusted input concatenated into a raw SQL query string can result in SQL injection, allowing an attacker to execute arbitrary SQL commands and potentially read or modify sensitive data.
Examples
Insecure Code
```javascript
// Vulnerable: the request parameter is spliced directly into the SQL text,
// so a value containing a quote can change the structure of the statement.
const sql = "SELECT * FROM users WHERE name = '" + req.query.name + "'";
const results = db.query(sql);
```
Secure Code
```javascript
// Remediated: the SQL text is fixed and the value is passed separately as a
// bound parameter, so the driver never interprets it as SQL.
const sql = 'SELECT * FROM users WHERE name = ?';
const results = db.query(sql, [req.query.name]);
```
Remediation
Use parameterized queries or prepared statements to separate code from user input, and ensure that all user input is properly sanitized and validated.
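The following added example (not part of this rule page) makes the difference between the two snippets measurable: it reduces each generated query to its structural skeleton and checks whether user data can change that skeleton. The builder functions, the `skeleton` helper and the sample names are assumptions constructed for the demonstration.

```javascript
// Added example: compare how the concatenated and the parameterized query
// behave when the input contains a quote character. Nothing here is from the
// original rule page; `buildConcatenated`, `buildParameterized`, `skeleton`
// and SAMPLE_NAMES are constructed for this demonstration.

// The vulnerable pattern from the rule: user input spliced into the SQL text.
function buildConcatenated(name) {
  return "SELECT * FROM users WHERE name = '" + name + "'";
}

// The remediated pattern from the rule: fixed SQL text, value passed separately.
function buildParameterized(name) {
  return { sql: 'SELECT * FROM users WHERE name = ?', params: [name] };
}

// Reduce a statement to its structure: the contents of every single-quoted
// string literal are dropped, everything outside literals is kept as-is.
// Two executions of a statement are only equivalent if their skeletons match.
function skeleton(sql) {
  let out = '';
  let inString = false;
  for (const ch of sql) {
    if (ch === "'") {
      inString = !inString;
      out += ch;
    } else if (!inString) {
      out += ch;
    }
  }
  return out;
}

// True when the SQL structure differs across the sample inputs, i.e. the
// user-controlled value was able to reshape the statement.
function structureVaries(buildSql, inputs) {
  const shapes = new Set(inputs.map((i) => skeleton(buildSql(i))));
  return shapes.size > 1;
}

// Constructed sample inputs: an ordinary name and one containing an apostrophe.
const SAMPLE_NAMES = ['alice', "O'Brien"];

function demo() {
  return {
    concatenated: structureVaries(buildConcatenated, SAMPLE_NAMES), // true
    parameterized: structureVaries((n) => buildParameterized(n).sql, SAMPLE_NAMES), // false
  };
}
```

With concatenation the apostrophe in `O'Brien` closes the literal early and the remaining text becomes part of the statement; with the bound parameter the SQL text is identical for every input and the apostrophe stays inside `params`.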
Rule Details
| Field | Value |
|---|---|
| ID | CODE-0361 |
| Category | Injection |
| Severity | CRITICAL |
| CWE | CWE-89 |
| Confidence | HIGH |
| Impact | HIGH |
| Likelihood | HIGH |
| Exploitability | EASY |
| Tags | SQL Injection, Node.js, Database Security |
| OWASP | A1:2017-Injection, A03:2021-Injection |