This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthor

Only authorized users are allowed to rename pages.

Only authorized users are allowed to delete pages.

Page revision history

Version Date Modified Size Author Changes ... Change note

Page References

Incoming links Outgoing links
SQL Injection
SQL Injection

Version management

Difference between version and

At line 1 added 14 lines
!!! Overview[1]
[{$pagename}] ([SQLi]) is a [code injection] technique, used to [attack] data-driven [applications], in which nefarious [SQL] statements are inserted into an entry field for execution (e.g. to dump the [database] contents to the [attacker]).
[{$pagename}] must [exploit] a security [vulnerability] in an [application]'s software; for [example], when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed and unexpectedly executed.
[{$pagename}] is mostly known as an [attack] vector for [websites] but can be used to [attack] any type of [SQL] [database].
[{$pagename}] is an [Implementation] [Vulnerability] and not a [SQL] [Protocol] [Vulnerability]
!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]
----
* [#1] - [SQL_injection|Wikipedia:SQL_injection|target='_blank'] - based on information obtained 2018-04-23-
This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthorTop