Monday, September 10, 2012

SQL Injection

What Is SQL Injection?

SQL injection is a technique to maliciously exploit applications that use client-supplied data in SQL statements. Attackers trick the SQL engine into executing unintended commands by supplying specially crafted string input, thereby gaining unauthorized access to a database in order to view or manipulate restricted data.
SQL injection techniques may differ, but they all exploit a single vulnerability in the application

No comments:

Post a Comment