# sql-injection
6 articles tagged "sql-injection"
SQL Injection via LLM Code Generation
How LLMs generate SQL injection vulnerabilities through string formatting, improper parameterization, and ORM misuse, with detection and prevention strategies.
CWE Mapping for AI-Generated Vulnerabilities
Common AI-generated vulnerabilities mapped to CWE identifiers with real examples: SQL injection (CWE-89), XSS (CWE-79), path traversal (CWE-22), command injection (CWE-78), and hardcoded credentials (CWE-798).
MLflow Attack Surface
Security analysis of MLflow: tracking server authentication weaknesses, artifact store access control, model registry tampering, SQL injection in tracking queries, and exploitation techniques for both open-source and managed deployments.
SQL Injection via LLM Code Generation
How LLMs generate SQL injection vulnerabilities through string formatting, improper parameterization, and ORM misuse, with detection and prevention strategies.
CWE Mapping for AI-Generated Vulnerabilities
Common AI-generated vulnerabilities mapped to CWE identifiers, with real examples: SQL injection (CWE-89), XSS (CWE-79), path traversal (CWE-22), command injection (CWE-78), and hardcoded credentials (CWE-798).
MLflow Attack Surface
Security analysis of MLflow: tracking server authentication weaknesses, artifact store access control, model registry tampering, SQL injection in tracking queries, and exploitation techniques for both open-source and managed deployments.