what is sql injection?

Answers were Sorted based on User's Feedback



what is sql injection?..

Answer / reva ram sahu

SQL Injection happens when a developer accepts user input
that is directly placed into a SQL Statement and doesn't
properly filter out dangerous characters. This can allow an
attacker to not only steal data from your database, but also
modify and delete it. Certain SQL Servers such as Microsoft
SQL Server contain Stored and Extended Procedures (database
server functions). If an attacker can obtain access to these
Procedures it may be possible to compromise the entire
machine. Attackers commonly insert single qoutes into a
URL's query string, or into a forms input field to test for
SQL Injection. If an attacker receives an error message like
the one below there is a good chance that the application is
vulnerable to SQL Injection.

Is This Answer Correct ?    6 Yes 1 No

what is sql injection?..

Answer / a

It's a secuity vulnerability that occurs between the
database layer of an application.

Is This Answer Correct ?    5 Yes 1 No

Post New Answer

More SQL Server Interview Questions

Differnce between sel server 2000 and 2005

3 Answers  


What is thr feature of change data capture?

0 Answers  


Show Practically Sql Server Views are updatable?

0 Answers   QuestPond,


What are the tool windows in sql server management studio? : sql server management studio

0 Answers  


How can you find out which stored procedures are recompiling?

0 Answers  


What is normalization of database? What are its benefits?

0 Answers  


What is nonclustered index on computed columns?

0 Answers  


Define cross join in sql server joins?

0 Answers  


What is the security model used in sql server 2005?

0 Answers  


What is a group function explain with an example?

0 Answers  


How to replace given values with null using nullif()?

0 Answers  


Explain use of expression builder.

0 Answers  


Categories