
SQL Injection

Posted: Fri Jun 11, 2010 4:53 am
by sreehari
A SQL injection attack consists of the insertion or "injection" of a SQL query via the input data from the client to the application. A successful SQL injection exploit can read sensitive data from the database, modify database data (Insert/Update/Delete), execute administration operations on the database (such as shutting down the DBMS), recover the content of a given file present on the DBMS file system and, in some cases, issue commands to the operating system.
SQL Injection is very common with PHP and ASP applications due to the prevalence of older functional interfaces. Due to the nature of programmatic interfaces available, Java EE and ASP.NET applications are less likely to have easily exploited SQL injections.
Common SQL injection attacks can see

Re: SQL Injection

Posted: Mon Jun 14, 2010 2:25 am
by jay
Thanks Sreehari for the tutorial post. It's very detailed, with step-by-step examples of situations where SQL injections happen and how to tackle them. A must-read for programmers!

Read more about it - http://www.learnphponline.com/security/ ... -mysql-php