+1 vote
in Cyber Security by
What is SQL injection and how can it be prevented?

1 Answer

0 votes
by

SQL Injection (SQLi) is a type of code injection attack in which an attacker manages to execute malicious SQL statements to control a database server behind a web application. Attackers mostly use this to avoid application security measures and thereby access, modify, and delete unauthorized data.

The following ways will help you to mitigate or prevent SQL injection attacks:

  • Include Prepared Statements (with Parameterized Queries)
  • Use Stored Procedures
  • Validate user input
  • Hide data from the error message
  • Update your system
  • Store database credentials separately and encrypted
  • Disable shell and any other functionalities you don’t need
