Injection

Injection occurs when untrusted input is placed into a command, query, or document in a way that lets the interpreter treat part of it as code rather than data. The root cause is that the application builds the command or query by concatenating strings, so user-controlled text can change its structure; attackers use this to manipulate databases, operating systems, directory services, or other backend components. Depending on the sink, injection can lead to data theft or modification, authentication bypass, remote code execution (RCE), and full system compromise.

Common Vulnerabilities:

  • SQL Injection (SQLi) – Altering database queries to read, modify, or bypass checks on data
  • Command Injection – Executing operating system commands through a shell invoked by the application
  • Cross-Site Scripting (XSS) – Injecting malicious scripts into web pages viewed by other users
  • LDAP Injection – Manipulating directory service queries and filters
  • NoSQL Injection – Injecting operators or query fragments into NoSQL databases such as MongoDB
  • XML Injection / XML External Entity (XXE) – Injecting into XML documents, or abusing external-entity processing to read local files and reach internal services
  • Email Header Injection – Adding or modifying email headers to send spam or phishing emails

To mitigate these risks, applications should keep code and data separate: use parameterized queries (prepared statements) for SQL and NoSQL, invoke programs with argument arrays instead of a shell, apply context-specific output encoding (HTML, attribute, JavaScript, URL, LDAP), and disable DTD and external-entity processing in XML parsers. Input validation should use allowlists (expected type, length, format) as a defence-in-depth measure rather than the only control, since blocklisting special characters is easy to bypass. A Content Security Policy (CSP) limits the impact of XSS, and least-privilege database and service accounts limit what a successful injection can reach. Regular security testing, combining automated scanning with manual penetration testing, is essential to find injection flaws before attackers do.