Bayt.com

ابدأ بالتواصل مع الأشخاص وتبادل معارفك المهنية

أنشئ حسابًا أو سجّل الدخول للانضمام إلى مجتمعك المهني.

أضف إجابة
أنشئ حسابًا أو سجّل الدخول للإجابة
Haroon Ahmad Dar
من قبل Haroon Ahmad Dar , web developer , Swenggco Software

SQL injection contains some dynamic statements which can be pass into SQL error effected area and retrieve the desired results from database.

Gayasuddin Mohammed
من قبل Gayasuddin Mohammed , Advocate , Practicing Law before High Court at Hyderabad

Dynamic sql statements by passing required variables runtime and receiving the results in local structures to make use of the retrieved info in the programs. Thanks.

Zoraiz Ali
من قبل Zoraiz Ali , Lectureship , College

SQL injection is a code injection technique, used to attack data-driven applications, in which nefarious SQL statements are inserted into an entry field for execution (e.g. to dump the database contents to the attacker).

antonios awadallah
من قبل antonios awadallah , HRMS Application Consultant , HITS Technologies

thank you for the invitation

It refers to an injection attack wherein an attacker can execute malicious SQL statements (also commonly referred to as a malicious payload) that control a web application’s database server (also commonly referred to as a Relational Database Management System – RDBMS). Since an SQL Injection vulnerability could possibly affect any website or web application that makes use of an SQL-based database, the vulnerability is one of the oldest, most prevalent and most dangerous of web application vulnerabilities.

shakeel mir
من قبل shakeel mir , Senior Software Developer , Rawat-Al-Makan

SQL injection is very dangerous thing. It may be destroy your application and database. In other word its type of error or bug to insert your application and try to hack it.

Syed Sohaib Ahmed
من قبل Syed Sohaib Ahmed , D365 FO Developer , Airswift

SQL Injection is a type of SQL attack in which an SQL command is entered into a system using input field on a web page. These SQL commands are meant to harm the system. It is usually advised to analyze the user input before saving it in the database, just to make sure there's no malicious bit of code in it.

Check this link for more details about SQL Injection

مستخدم محذوف‎
من قبل مستخدم محذوف‎

SQL injection is a technique where malicious users (like hackers) can inject SQL commands into an SQL statement, via web page input. These injected SQL commands can alter SQL statement and compromise the security of a web application.

Muhammad Nauman
من قبل Muhammad Nauman , Salima Garments & Tailoring Company , Salima Garments & Tailoring Company LLC

SQL Injection is type of inserting too much data in a database, that it will become too slow that others request may be pending and delayed by the database administrator.

Ziauddin Zia
من قبل Ziauddin Zia , Software Engineer , Asia Poultry Feeds (Pvt) Ltd

SQL Injection:

SQL injection is a type of security exploit in which the attacker adds Structured Query Language (SQL) code to a Web form input box to gain access to resources or make changes to data. An SQL query is a request for some action to be performed on a database. Typically, on a Web form for user authentication, when a user enters their name and password into the text boxes provided for them, those values are inserted into a SELECT query. If the values entered are found as expected, the user is allowed access; if they aren't found, access is denied. However, most Web forms have no mechanisms in place to block input other than names and passwords. Unless such precautions are taken, an attacker can use the input boxes to send their own request to the database, which could allow them to download the entire database or interact with it in other illicit ways.

I can also suggest a link:

http://stackoverflow.com/questions/601300/what-is-sql-injection

أضف إجابتك
المزيد من الأسئلة المماثلة