SCP11 Database Security
What this means
SiteShadow flagged database access patterns that are risky: query construction from untrusted input, overly broad DB permissions, missing parameterization, or unsafe ORM usage.
Why it matters
Unsafe database access can expose or corrupt sensitive data.
- SQL/ORM injection can read/modify data and bypass auth (see CWE-89/CWE-564).
- Privilege amplification when the DB user has broad permissions.
- Data leakage through overly permissive queries and exports.
Safer examples
1) Parameterize queries (never concatenate)
cursor.execute("SELECT * FROM users WHERE email = %s", (email,))
2) Allowlist sort/filter fields
If users choose sort fields, map choices to known column names rather than trusting raw input.
3) Use least-privilege DB accounts
Split "read-only" vs "write" roles; restrict schema access; avoid admin DB users in apps.
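The three points above combined in one query helper, as an added example that is not part of the SiteShadow rule text: the filter value is bound as a parameter, the ORDER BY column and direction come only from an allowlist map, and unknown sort choices are rejected before any SQL is built. It assumes Python's standard sqlite3 module and a constructed in-memory `users` table.

```python
import sqlite3

# Allowlist: user-facing sort keys mapped to real column names.
# Anything not in these maps is rejected instead of being spliced into SQL.
SORT_COLUMNS = {"name": "name", "email": "email", "created": "created_at"}
SORT_DIRECTIONS = {"asc": "ASC", "desc": "DESC"}


def find_users(conn, email_domain, sort_by="name", direction="asc"):
    """Return (name, email) rows for one email domain, sorted by an allowlisted column.

    Raises ValueError for a sort field or direction outside the allowlist."""
    try:
        column = SORT_COLUMNS[sort_by]
        order = SORT_DIRECTIONS[direction.lower()]
    except KeyError:
        raise ValueError(f"unsupported sort option: {sort_by!r}, {direction!r}")

    # Identifiers are taken from the allowlist; the value is a bound parameter (?).
    # Exact comparison on the part after '@' avoids LIKE wildcard surprises.
    sql = (
        "SELECT name, email FROM users "
        "WHERE substr(email, instr(email, '@') + 1) = ? "
        f"ORDER BY {column} {order}"
    )
    return conn.execute(sql, (email_domain,)).fetchall()


def build_sample_db():
    """Constructed in-memory sample data for the demo (not real records)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, email TEXT, created_at TEXT)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?, ?)",
        [
            ("alice", "alice@example.com", "2023-01-05"),
            ("bob", "bob@example.com", "2023-02-10"),
            ("carol", "carol@example.org", "2023-03-15"),
        ],
    )
    return conn


if __name__ == "__main__":
    db = build_sample_db()
    print(find_users(db, "example.com", "created", "desc"))
    # A hostile filter value stays a plain string and simply matches nothing.
    print(find_users(db, "example.com' OR '1'='1"))
    # A hostile sort field never reaches the query text; it is rejected up front.
    try:
        find_users(db, "example.com", "name; DROP TABLE users")
    except ValueError as exc:
        print("rejected:", exc)
```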
How SiteShadow detects it (high level)
- Detects query construction near DB sinks and tracks whether untrusted input reaches query text.
- Flags missing parameterization and suspicious string-building patterns in ORM/SQL usage.
References
- OWASP Secure Coding Practices: https://owasp.org/www-project-secure-coding-practices-quick-reference-guide/