what is sql injection?

Answers were Sorted based on User's Feedback



what is sql injection?..

Answer / reva ram sahu

SQL Injection happens when a developer accepts user input
that is directly placed into a SQL Statement and doesn't
properly filter out dangerous characters. This can allow an
attacker to not only steal data from your database, but also
modify and delete it. Certain SQL Servers such as Microsoft
SQL Server contain Stored and Extended Procedures (database
server functions). If an attacker can obtain access to these
Procedures it may be possible to compromise the entire
machine. Attackers commonly insert single qoutes into a
URL's query string, or into a forms input field to test for
SQL Injection. If an attacker receives an error message like
the one below there is a good chance that the application is
vulnerable to SQL Injection.

Is This Answer Correct ?    6 Yes 1 No

what is sql injection?..

Answer / a

It's a secuity vulnerability that occurs between the
database layer of an application.

Is This Answer Correct ?    5 Yes 1 No

Post New Answer

More SQL Server Interview Questions

What is the difference between for trigger and after trigger?

0 Answers  


What are synonyms?

0 Answers  


How to insert new line characters into strings?

0 Answers  


What happens when converting big values to numeric data types?

0 Answers  


Where can you add custom error messages to sql server?

0 Answers  


Do you know what is raid and what are different types of raid configurations? : SQL Server Architecture

0 Answers  


What is auditing in sql server?

0 Answers  


What is deploy, process and build? : sql server analysis services, ssas

0 Answers  


can you any body tell me the difference between candidate key and primary key

4 Answers  


Detail about the hardware which is supported by SQL server?

0 Answers  


What is spid in sql server profiler?

0 Answers  


How to create new databases with "create database" statements?

0 Answers  


Categories