Database Hacking Techniques: SQL Injection
Tuesday April 22, 2008
The vast majority of databases in use today have some form of web interface, allowing internal and/or external users easy access through familiar browser software. If you're security-conscious, you've undoubtedly spent a significant amount of time setting appropriate security permissions on your databases and web servers. Have you also considered the security of the code that powers the database-web interface?
One common type of database attack, SQL Injection, allows a malicious individual to execute arbitrary SQL code on your server.
Read the full article: SQL Injection Attacks
One common type of database attack, SQL Injection, allows a malicious individual to execute arbitrary SQL code on your server.
Read the full article: SQL Injection Attacks
This article raises a good area of db security but the example is so trivial that I would expect 1st year computer science students to automatically counter the threats by using at least the first two and preferably all three of the actions to block the attack. any database that does not have parameter checks applied has been designed by anj idiot.