| CAPEC | Related Weakness |
| OS Command Injection |
| CWE-20 | Improper Input Validation |
| CWE-78 | Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') |
| CWE-88 | Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') |
| CWE-697 | Incorrect Comparison |
| CWE-713 | OWASP Top Ten 2007 Category A2 - Injection Flaws |
|
| Parameter Injection |
| CWE-88 | Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') |
|
| Using Meta-characters in E-mail Headers to Inject Malicious Payloads |
| CWE-88 | Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') |
| CWE-150 | Improper Neutralization of Escape, Meta, or Control Sequences |
| CWE-697 | Incorrect Comparison |
| CWE-713 | OWASP Top Ten 2007 Category A2 - Injection Flaws |
|
| HTTP Parameter Pollution (HPP) |
| CWE-88 | Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') |
| CWE-147 | Improper Neutralization of Input Terminators |
| CWE-235 | Improper Handling of Extra Parameters |
|
| Flash Parameter Injection |
| CWE-88 | Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') |
|
