in Ethical Hacking by
Q:
What is SQL injection and how to prevent it?

1 Answer

0 votes
by

SQL injection is a type of injection attack that executes malicious SQL statements and controls the database server behind a web application.

These attacks mostly take place on the web pages developed using ASP.NET or PHP.

These attacks can be made with the following intentions:

To execute the different queries that are not allowed on the application.

To change the content of the database

To dump the entire database of the system.

The only way to prevent the SQL injection attack is input validation and parameterized queries including prepared statements. The application code should never use the input directly.

Related questions

0 votes
asked Oct 22, 2019 in Ethical Hacking by SakshiSharma
+1 vote
asked May 17 in Ethical Hacking by Robindeniel
...