SQL Injection Attacks by Example

January 8, 2005

A great read for anyone running a web-based application. This goes to show how important it is to validate user input before executing it.

"SQL Injection" is a subset of the unverified/unsanitized user input vulnerability ("buffer overflows" are a different subset), and the idea is to convince the application to run SQL code that was not intended. If the application is creating SQL strings naively on the fly and then running them, it's straightforward to create some real surprises.

See: SQL Injection Attacks by Example
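
To make the "creating SQL strings naively on the fly" point concrete, here is an added example (not code from this post or from the linked article) that puts the string-built query beside a parameterized one. The `members` table, its rows, the function names and the sample inputs are all constructed for illustration.

```python
import sqlite3

def make_db():
    # Constructed sample data, held in memory for this example only.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE members (email TEXT, name TEXT)")
    db.executemany(
        "INSERT INTO members VALUES (?, ?)",
        [("alice@example.com", "Alice"), ("bob@example.com", "Bob")],
    )
    return db

def lookup_naive(db, email):
    # Vulnerable pattern: the input is spliced into the SQL text, so a
    # quote character in it closes the string literal and the rest of
    # the input is parsed as SQL.
    sql = "SELECT name FROM members WHERE email = '" + email + "'"
    return [row[0] for row in db.execute(sql)]

def lookup_bound(db, email):
    # Hardened pattern: the SQL text is fixed and the input is bound as
    # a value, so it is only ever compared, never parsed.
    sql = "SELECT name FROM members WHERE email = ?"
    return [row[0] for row in db.execute(sql, (email,))]

# Constructed inputs: one that rewrites the WHERE clause, and one
# harmless address that merely contains an apostrophe.
CRAFTED = "x' OR 'a'='a"
APOSTROPHE = "o'brien@example.com"

if __name__ == "__main__":
    db = make_db()
    print("naive, crafted:", lookup_naive(db, CRAFTED))
    print("bound, crafted:", lookup_bound(db, CRAFTED))
    try:
        lookup_naive(db, APOSTROPHE)
    except sqlite3.OperationalError as exc:
        print("naive, apostrophe:", exc)
    print("bound, apostrophe:", lookup_bound(db, APOSTROPHE))
```

The string-built query fails in both directions: it returns every row for the crafted input and raises a syntax error for a harmless address with an apostrophe, while the bound query treats both as plain values.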
