Questions about this topic? Sign up to ask in the talk tab.
Category:SQL injection
From NetSec
Revision as of 17:44, 19 November 2012 by LashawnSeccombe (Talk | contribs)
SQL injection is a method of exploiting web applications performed over http or https to compromise the underlying database engine supporting dynamic content for the web application itself. Successful exploitation of an SQL injection vulnerability can result in the attacker gaining unfettered access to the database and can lead to further privilege escalation.
Typically, databases include things like (but not limited to):
- Authentication credentials
- Other identifying information about a user (like an IP address)
- Site configurations
- Site content and themes
- Communications between users within the site
SQL injection requires a basic understanding of SQL and manipulation of SQL data |
This category currently contains no pages or media.