Category:SQL injection

From NetSec
Revision as of 18:44, 19 November 2012 by LashawnSeccombe (Talk | contribs)

SQL injection is a method of exploiting web applications, performed over HTTP or HTTPS, to compromise the underlying database engine that supports the application's dynamic content. Successful exploitation of an SQL injection vulnerability can give the attacker unfettered access to the database and can lead to further privilege escalation.

Databases typically include (but are not limited to):

  • Authentication credentials
  • Other identifying information about a user (like an IP address)
  • Site configurations
  • Site content and themes
  • Communications between users within the site

SQL injection requires a basic understanding of SQL and manipulation of SQL data.

