unixwiz: SQL Injection Attacks by Example

by Bruce Brown | 0 comment

Found this site via del.icio.us.  Pretty good post:

“SQL Injection” is subset of the an unverified/unsanitized user input vulnerability (“buffer overflows” are a different subset), and the idea is to convince the application to run SQL code that was not intended. If the application is creating SQL strings naively on the fly and then running them, it’s straightforward to create some real surprises.

SQL Injection @ unixwiz 

Leave a Reply

Your email address will not be published. Required fields are marked *

Comment *