Skip to main content

Posts

Showing posts with the label mysql

SQL Injection(SQLI) Tips

SQL injection (SQLi) is a type of attack in which a hacker can take advantage of the insecure SQL query a web application makes to a database server (such as MySQL, Microsoft SQL Server and Oracle). It exploits weaknesses in a web application that are usually the result of poor development practices or mistakes. SQL injections are among the oldest, most prevalent and dangerous web application vulnerabilities. Since SQL injections affect web applications that make use of an SQL database, virtually every type of web application needs to pay attention to it. By abusing an SQL injection vulnerability, an attacker may be able to bypass a web application’s authentication and authorization mechanisms, retrieve the contents of an entire database, and even add, modify and delete records  in that database, impacting its data integrity.