Sql injection, DOT NET Programming

What is SQl injection?

This is a Form of attack on the  database-driven Web site in which the attacker executes the unauthorized SQL commands by taking merits of insecure code on a system connected to the Internet, or bypassing the firewall. The SQL injection attacks are always used to steal the information from a database from which the data would normally not be available and/or to gain access to an organization's host computers through the computer which is hosting the database.

The SQL injection attacks typically are simple to avoid by ensuring that a system has strong input validation.

As the name suggest we inject SQL which can be relatively dangerous for the database.

For Example this is a simple SQL

SELECT email, passwd, login_id, full_name

 FROM members

WHERE email = 'x'

Now someone does not put "x" as the input but puts "x ; DROP TABLE members;". So the actual SQL which will execute is :-

SELECT email, passwd, login_id, full_name

 FROM members

 WHERE email = 'x' ; DROP TABLE members;

Posted Date: 9/24/2012 3:22:41 AM | Location : United States







Related Discussions:- Sql injection, Assignment Help, Ask Question on Sql injection, Get Answer, Expert's Help, Sql injection Discussions

Write discussion on Sql injection
Your posts are moderated
Related Questions
The steps that occur when we request a ASPX page are as follows:- 1) The browser sends the request to the webserver. Now  assume that the webserver at the other end is IIS. 2

Print Floyd's Triangle - C# Program I am unable to make out how to print Floyd's Triangle in C# language. Can anyone suggest me any example for this.

Perform Arithmetic Operations - c# Program Hello, i didn't find the correct way of using arithmetic operations in c#. I am beginner for this language. Please suggest me some e

What is UML? The Unified Modeling Language (UML) is a graphical language for documenting, specifying, visualizing,  constructing, and  the artifacts of a software-intensive sys

The ASP.NET new feature supports are shown below :- Better Language Support 1) The New ADO.NET Concepts have been implemented. 2) The ASP.NET supports complete  language

How will you implement Page Fragment Caching? The Page fragment caching includes the caching of a fragment of the page, rather than the whole page. When the parts of the page a

how to replace a keyword using powershell

how to access global resource file using javascript

I need Job Posting Software for Schools Project Description: I want to create a software program that will automatically post a job to multiple schools. Let me know if you

How to use a checkbox in a datagrid? The steps to be done are as follows:- 1)    In the ASPX page you have to add Itemtemplate tag in datagrid. 2) I