SQL injection attack Options

codeling 1247 - 5334
@2018-07-10 14:31:47
string query = "SELECT * FROM Student where LastName = '" + lastName + "'";

Try this when lastName =

Jones';DELETE FROM STUDENT;--

Even if your tables are read-only, an attacker can find out a lot of information.

 
Users browsing this topic
Guest