Code injection – Adding your own information into a data stream Enabled because of bad programming – The application should properly handle input and output So many different data types – HTML, SQL, XML, LDAP, etc.

SQL - Structured Query Language – The most common relational database management system language SQL Injection – Modify SQL requests (Your application shouldn’t allow this) If you can manipulate the database, then you control the application – A significant vulnerability

2.4 - SQL Injection Flashcards by Andrew Dieppa

Code injection

Code injection
– Adding your own information into a data stream
Enabled because of bad programming
– The application should properly handle input
and output
So many different data types
– HTML, SQL, XML, LDAP, etc.

How well did you know this?

Not at all

Perfectly

SQL injection

SQL - Structured Query Language
– The most common relational database management
system language
SQL Injection
– Modify SQL requests (Your application shouldn’t allow this)
If you can manipulate the database,
then you control the application
– A significant vulnerability

How well did you know this?

Not at all

Perfectly

Brainscape's Knowledge GenomeTM

2.4 - SQL Injection Flashcards

Brainscape's Knowledge Genome^TM