> ## Documentation Index
> Fetch the complete documentation index at: https://docs.codeant.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# Sqli

<AccordionGroup>
  <Accordion title="csharp-sqli">
    Detected a formatted string in a SQL statement. This could lead to SQL injection if variables in the SQL statement are not properly sanitized. Use a prepared statements instead. You can obtain a PreparedStatement using 'SqlCommand' and 'SqlParameter'.<br />**Likelihood**: LOW<br />**Confidence**: MEDIUM<br />**CWE**: <br />- CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
    <br />**OWASP**: <br />- A01:2017 - Injection
    <br />- A03:2021 - Injection
  </Accordion>
</AccordionGroup>
