What is a SQL Injection Vulnerability?

Posted on May 24, 2011July 12, 2019 by Yash

An SQL Injection attack is a code injection attack when input from an attacker reaches one of your databases without any filteration or validation. As a result of such an attack, a malicious user may be able to:

Execute any read / write / update / delete query on your database.
Execute system level commands and retrieve the output.
Read / write files into any accessible location on the server.

How do I fix an SQL Injection?

The following posts provided specific details for fixing SQL injection vulnerabilities in various programming languages and through a variety of methods.

PHP

Fixing SQL Injection in PHP and MySQL Database
Fixing SQL Injection in PHP and Microsoft SQL Server
Fixing SQL Injection in PHP and Oracle Database

ASP

Fixing SQL Injection in ASP and MSSQL
Fixing SQL Injection in ASP and Oracle

.NET

Fixing SQL Injection in .NET and MSSQL
Fixing SQL Injection in .NET and Oracle

Java

Fixing SQL Injection in Java and MSSQL
Fixing SQL Injection in Jsp and Oracle

About Yash

View all posts

What is a SQL Injection Vulnerability?

How do I fix an SQL Injection?

About Yash

Leave a Reply Cancel reply

Quick Links

Recent Posts

Categories