# sql-injection
3 articlestagged with “sql-injection”
SQL Injection via LLM Code Generation
How LLMs generate SQL injection vulnerabilities through string formatting, improper parameterization, and ORM misuse, with detection and prevention strategies.
code-gen-securitysql-injectionllm-vulnerabilitiessecure-coding
CWE Mapping for AI-Generated Vulnerabilities
Common AI-generated vulnerabilities mapped to CWE identifiers with real examples: SQL injection (CWE-89), XSS (CWE-79), path traversal (CWE-22), command injection (CWE-78), and hardcoded credentials (CWE-798).
cwesql-injectionxsspath-traversalcommand-injectionhardcoded-credentialsvulnerability-patterns
MLflow Attack Surface
Security analysis of MLflow: tracking server authentication weaknesses, artifact store access control, model registry tampering, SQL injection in tracking queries, and exploitation techniques for both open-source and managed deployments.
mlflowtracking-servermodel-registrysql-injectionartifact-storeauthentication