Understanding SQL Injection
SQL injection vulnerabilities enable an attacker to manipulate the database commands executed by a Web application. For many Web sites, databases drive dynamic content, store product lists, track orders, maintain user profiles, or perform some other central function for the site, albeit one that occurs behind the scenes. These sites execute database commands when users perform all sorts of actions, and those actions also determine the type of command to be executed. The database might be queried for relatively static information, such as books written by Arthur Conan Doyle, or quickly changing data, such as recent comments on a popular discussion thread. New information might be inserted into the database, such as posting a new comment ...
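The author lookup mentioned above, as an added example that is not from the book: a Python `sqlite3` sketch showing the same query built by string concatenation and with a bound parameter. The table, function names and rows are constructed for illustration.

```python
import sqlite3

def make_db():
    """Build an in-memory catalogue; every row is constructed sample data."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE books (title TEXT, author TEXT)")
    db.executemany(
        "INSERT INTO books VALUES (?, ?)",
        [
            ("A Study in Scarlet", "Arthur Conan Doyle"),
            ("The Sign of the Four", "Arthur Conan Doyle"),
            ("Dracula", "Bram Stoker"),
            ("The Third Policeman", "Flann O'Brien"),
        ],
    )
    return db

def titles_by_author_concat(db, author):
    """Vulnerable: the user's text becomes part of the SQL command itself."""
    sql = "SELECT title FROM books WHERE author = '" + author + "' ORDER BY title"
    return [row[0] for row in db.execute(sql)]

def titles_by_author_param(db, author):
    """Hardened: the command text is fixed; the user's text is bound as a value."""
    sql = "SELECT title FROM books WHERE author = ? ORDER BY title"
    return [row[0] for row in db.execute(sql, (author,))]

if __name__ == "__main__":
    db = make_db()
    crafted = "nobody' OR '1'='1"  # constructed input containing SQL syntax
    for label, query in (("concat", titles_by_author_concat),
                         ("param", titles_by_author_param)):
        print(label, "normal :", query(db, "Arthur Conan Doyle"))
        # Concatenation lets the input rewrite the WHERE clause; binding does not.
        print(label, "crafted:", query(db, crafted))
        try:
            # A legitimate apostrophe is enough to break the concatenated command.
            print(label, "O'Brien:", query(db, "Flann O'Brien"))
        except sqlite3.OperationalError as exc:
            print(label, "O'Brien: query failed:", exc)
```

The apostrophe case is a useful test input during code review: a lookup that fails on a legitimate name such as O'Brien is one where user text is reaching the SQL parser as command text.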