web analytics
SQL injection attack Options
codeling
Posted: Tuesday, July 10, 2018 2:31:47 PM

Rank:Advanced Member
Groups: Member
Joined: 12/11/2015
Posts: 964
Points: 4059
string query = "SELECT * FROM Student where LastName = '" + lastName + "'";

Try this when lastName =

Jones';DELETE FROM STUDENT;--

Even if your tables are read-only, an attacker can find out a lot of information.

Sponsor
Posted: Tuesday, July 10, 2018 2:31:47 PM
 
Users browsing this topic
Guest

Forum Jump
You cannot post new topics in this forum.
You cannot reply to topics in this forum.
You cannot delete your posts in this forum.
You cannot edit your posts in this forum.
You cannot create polls in this forum.
You cannot vote in polls in this forum.


© 2018 Digcode.com. All rights reserved.