|
|
|
Description:
Let's talk first about plain, old-fashioned, no-frills SQL injection. This is a hacking method that allows an unauthorized attacker to access a database server. It is facilitated by a common coding blunder: the program accepts data from a client and executes SQL queries without first validating the client's input. The attacker is then free to extract, modify, add, or delete content from the database. In some circumstances, he may even penetrate past the database server and into the underlying operating system.
Read the Complete Paper You don't have permission to post replies. Please login or register. |
