diff --git a/doc/user/application_security/dast/checks/89.1.md b/doc/user/application_security/dast/checks/89.1.md
new file mode 100644
index 0000000000000000000000000000000000000000..ca7ff5e459374238eecc952a71ba460c53d5ac24
--- /dev/null
+++ b/doc/user/application_security/dast/checks/89.1.md
@@ -0,0 +1,37 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
+---
+
+# SQL Injection
+
+## Description
+
+It is possible to execute arbitrary SQL commands on the target application server's
+backend database.
+SQL Injection is a critical vulnerability that can lead to a data or system
+compromise.
+
+## Remediation
+
+Always use parameterized queries when issuing requests to backend database systems. In
+situations where dynamic queries must be created, never use direct user input, but
+instead use a map or dictionary of valid values and resolve them using a user-supplied key.
+
+For example, some database drivers do not allow parameterized queries for `>` or `<` comparison
+operators. In these cases, do not use a user supplied `>` or `<` value, but rather have the user
+supply a `gt` or `lt` value. The alphabetical values are then used to look up the `>` and `<`
+values to be used in the construction of the dynamic query. The same goes for other queries where
+column or table names are required but can not be parameterized.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 89.1 | false | 89 | Active | high |
+
+## Links
+
+- [OWASP](https://owasp.org/www-community/attacks/SQL_Injection)
+- [CWE](https://cwe.mitre.org/data/definitions/89.html)
diff --git a/doc/user/application_security/dast/checks/917.1.md b/doc/user/application_security/dast/checks/917.1.md
new file mode 100644
index 0000000000000000000000000000000000000000..68b9665e393ead01707703a2e68aa39e4aa09fac
--- /dev/null
+++ b/doc/user/application_security/dast/checks/917.1.md
@@ -0,0 +1,33 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
+---
+
+# Expression Language Injection
+
+## Description
+
+It is possible to execute arbitrary Expression Language (EL) statements on the target
+application server. EL injection is a critical severity vulnerability that can lead to
+full system compromise. EL injection can occur when attacker-controlled data is used to construct
+EL statements without neutralizing special characters. These special characters could modify the
+intended EL statement prior to it being executed by an interpreter.
+
+## Remediation
+
+User-controlled data should always have special elements neutralized when used as part of
+constructing Expression Language statements. Please consult the documentation for the EL
+interpreter in use on how properly neutralize user controlled data.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 917.1 | false | 917 | Active | high |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/917.html)
+- [OWASP](https://owasp.org/www-community/vulnerabilities/Expression_Language_Injection)
+- [Expression Language Injection [PDF]](https://mindedsecurity.com/wp-content/uploads/2020/10/ExpressionLanguageInjection.pdf)
diff --git a/doc/user/application_security/dast/checks/94.1.md b/doc/user/application_security/dast/checks/94.1.md
new file mode 100644
index 0000000000000000000000000000000000000000..ec30b41c5e872e27055df880bfc048eb7168e6f4
--- /dev/null
+++ b/doc/user/application_security/dast/checks/94.1.md
@@ -0,0 +1,53 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
+---
+
+# Server-side code injection (PHP)
+
+## Description
+
+The target application was found vulnerable to code injection. A malicious actor could inject arbitrary
+PHP code to be executed on the server. This could lead to a full system compromise by accessing
+stored secrets, injecting code to take over accounts, or executing OS commands.
+
+## Remediation
+
+Never pass user input directly into functions which evaluate string data as code, such as `eval`.
+There is almost no benefit of passing string values to `eval`, as such the best recommendation is
+to replace the current logic with more safe implementations of dynamically evaluating logic with
+user input. One alternative is to use an `array()`, storing expected user inputs in an array
+key, and use that key as a look up to execute functions:
+
+```php
+$func_to_run = function()
+{
+    print('hello world');
+};
+
+$function_map = array();
+$function_map["fn"] = $func_to_run; // store additional input to function mappings here
+
+$input = "fn";
+
+// lookup "fn" as the key
+if (array_key_exists($input, $function_map)) {
+    // run the $func_to_run that was stored in the "fn" array hash value.
+    $func = $function_map[$input];
+    $func();
+} else {
+    print('invalid input');
+}
+```
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 94.1 | false | 94 | Active | high |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/94.html)
+- [OWASP](https://owasp.org/www-community/attacks/Code_Injection)
diff --git a/doc/user/application_security/dast/checks/94.2.md b/doc/user/application_security/dast/checks/94.2.md
new file mode 100644
index 0000000000000000000000000000000000000000..666052807b5dfa053cba09338402c0539583fbbf
--- /dev/null
+++ b/doc/user/application_security/dast/checks/94.2.md
@@ -0,0 +1,51 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
+---
+
+# Server-side code injection (Ruby)
+
+## Description
+
+The target application was found vulnerable to code injection. A malicious actor could inject arbitrary
+Ruby code to be executed on the server. This could lead to a full system compromise by accessing
+stored secrets, injecting code to take over accounts, or executing OS commands.
+
+## Remediation
+
+Never pass user input directly into functions which evaluate string data as code, such as `eval`,
+`send`, `public_send`, `instance_eval` or `class_eval`. There is almost no benefit of passing string 
+values to these methods, as such the best recommendation is to replace the current logic with more safe
+implementations of dynamically evaluating logic with user input. If using `send` or `public_send` ensure
+the first argument is to a known, hardcoded method/symbol and does not come from user input. 
+
+For `eval`, `instance_eval` and `class_eval`, user input should never be sent directly to these methods.
+One alternative is to store functions or methods in a Hash that can be looked up using a key. If the key
+exists, the function can be executed.
+
+```ruby
+def func_to_run
+  puts 'hello world'
+end
+
+input = 'fn'
+
+function_map = { fn: method(:func_to_run) }
+
+if function_map.key?(input.to_sym)
+  function_map[input.to_sym].call
+else
+  puts 'invalid input'
+end
+```
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 94.2 | false | 94 | Active | high |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/94.html)
diff --git a/doc/user/application_security/dast/checks/94.3.md b/doc/user/application_security/dast/checks/94.3.md
new file mode 100644
index 0000000000000000000000000000000000000000..772cdb1d3ea9d7898beb83ec617862d2d71fb67c
--- /dev/null
+++ b/doc/user/application_security/dast/checks/94.3.md
@@ -0,0 +1,45 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
+---
+
+# Server-side code injection (Python)
+
+## Description
+
+The target application was found vulnerable to code injection. A malicious actor could inject arbitrary
+Python code to be executed on the server. This could lead to a full system compromise by accessing
+stored secrets, injecting code to take over accounts, or executing OS commands.
+
+## Remediation
+
+Never pass user input directly into functions which evaluate string data as code, such as `eval`,
+or `exec`. There is almost no benefit of passing string values to these methods, as such the best
+recommendation is to replace the current logic with more safe implementations of dynamically evaluating
+logic with user input. One alternative is to store functions or methods in a hashmap that can be looked
+up using a key. If the key exists, the function can be executed.
+
+```python
+def func_to_run():
+    print('hello world')
+
+function_map = {'fn': func_to_run}
+
+input = 'fn'
+
+if input in function_map:
+    function_map[input]()
+else:
+    print('invalid input')
+```
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 94.3 | false | 94 | Active | high |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/94.html)
diff --git a/doc/user/application_security/dast/checks/943.1.md b/doc/user/application_security/dast/checks/943.1.md
new file mode 100644
index 0000000000000000000000000000000000000000..debae65669a0477308ac30cf972acc099b9542aa
--- /dev/null
+++ b/doc/user/application_security/dast/checks/943.1.md
@@ -0,0 +1,30 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
+---
+
+# Improper neutralization of special elements in data query logic
+
+## Description
+
+The application generates a query intended to interact with MongoDB,
+but it does not neutralize or incorrectly neutralizes special elements
+that can modify the intended logic of the query.
+
+## Remediation
+
+Refactor find or search queries to use standard
+filtering operators such as `$gt` or `$in` instead of broad operators such
+as `$where`. If possible, disable the MongoDB JavaScript interface entirely.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 943.1 | false | 943 | Active | high |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/943.html)
+- [Disabling MongoDB Server Side JS](https://www.mongodb.com/docs/manual/core/server-side-javascript/#std-label-disable-server-side-js)
diff --git a/doc/user/application_security/dast/checks/index.md b/doc/user/application_security/dast/checks/index.md
index 4d41f08672e7ee3e6aa07d26c3d841d423de63b3..b6f8f1cea3f2f366cbc721fd5499782717ef6390 100644
--- a/doc/user/application_security/dast/checks/index.md
+++ b/doc/user/application_security/dast/checks/index.md
@@ -170,4 +170,11 @@ The [DAST browser-based crawler](../browser_based.md) provides a number of vulne
 | [113.1](113.1.md) | Improper Neutralization of CRLF Sequences in HTTP Headers | High | Active |
 | [22.1](22.1.md) | Improper limitation of a pathname to a restricted directory (Path traversal) | High | Active |
 | [611.1](611.1.md) | External XML Entity Injection (XXE) | High | Active |
+| [89.1](89.1.md) | SQL Injection | High | Active |
+| [917.1](917.1.md) | Expression Language Injection | High | Active |
+| [94.1](94.1.md) | Server-side code injection (PHP) | High | Active |
+| [94.2](94.2.md) | Server-side code injection (Ruby) | High | Active |
+| [94.3](94.3.md) | Server-side code injection (Python) | High | Active |
 | [94.4](94.4.md) | Server-side code injection (NodeJS) | High | Active |
+| [943.1](943.1.md) | Improper neutralization of special elements in data query logic | High | Active |
+>