elamb » sql http://elamb.org information system security, risk management, scam research Mon, 28 Nov 2011 02:27:55 +0000 en hourly 1 http://wordpress.org/?v=3.2.1 unixwiz: SQL Injection Attacks by Example http://elamb.org/unixwiz-sql-injection-attacks-by-example/?utm_source=rss&utm_medium=rss&utm_campaign=unixwiz-sql-injection-attacks-by-example http://elamb.org/unixwiz-sql-injection-attacks-by-example/#comments Wed, 03 Oct 2007 17:18:50 +0000 elamb.security injection sql subset unverified unsanitized naively unixwiz  straightforward http://elamb.org/unixwiz-sql-injection-attacks-by-example/ Continue reading ]]> Found this site via del.icio.us.  Pretty good post:

“SQL Injection” is subset of the an unverified/unsanitized user input vulnerability (“buffer overflows” are a different subset), and the idea is to convince the application to run SQL code that was not intended. If the application is creating SQL strings naively on the fly and then running them, it’s straightforward to create some real surprises.

SQL Injection @ unixwiz 

Tags: , ,

]]> http://elamb.org/unixwiz-sql-injection-attacks-by-example/feed/ 0