Differences
This shows you the differences between two versions of the page.
| Both sides previous revisionPrevious revisionNext revision | Previous revision |
| help:sql_injection_sqli [2020/07/22 17:54] – old revision restored (2016/10/12 10:14) 207.244.157.10 | help:sql_injection_sqli [2020/07/22 17:55] (current) – old revision restored (2016/10/13 15:20) 207.244.157.10 |
|---|
| |
| Injection flaws occur when an application sends untrusted data to an interpreter. Injection flaws are very prevalent, particularly in legacy code. They are often found in SQL, LDAP, Xpath, or NoSQL queries; OS commands; XML parsers, SMTP Headers, program arguments, etc. Injection flaws are easy to discover when examining code, but frequently hard to discover via testing. Scanners and fuzzers can help attackers find injection flaws. | Injection flaws occur when an application sends untrusted data to an interpreter. Injection flaws are very prevalent, particularly in legacy code. They are often found in SQL, LDAP, Xpath, or NoSQL queries; OS commands; XML parsers, SMTP Headers, program arguments, etc. Injection flaws are easy to discover when examining code, but frequently hard to discover via testing. Scanners and fuzzers can help attackers find injection flaws. |
| | |
| | [[SQL Injection:Basic types of SQL injections|Basic types of SQL injections]] |
| | |
| | [[SQL Injection:Check if a website is vulnerable to SQL Injection|Check if a website is vulnerable to SQL Injection]] |
| |
| [[SQL Injection:Example attacks|Example attacks]] | [[SQL Injection:Example attacks|Example attacks]] |
| |
| [[SQL Injection:Primary Defenses|Primary Defenses]] | [[SQL Injection:Primary Defenses|Primary Defenses]] |
| | |
| | [[SQL Injection:What is SQL Injection|What is SQL Injection]] |
| | |
| | [[SQL Injection:Why not to use escape quotes as a defence|Why not to use escape quotes as a defence]] |
| |
| |
| |
