Interested to Buy Any Domain ? << Click Here >> for more details...
Answer Posted / reva ram sahu
SQL Injection happens when a developer accepts user input
that is directly placed into a SQL Statement and doesn't
properly filter out dangerous characters. This can allow an
attacker to not only steal data from your database, but also
modify and delete it. Certain SQL Servers such as Microsoft
SQL Server contain Stored and Extended Procedures (database
server functions). If an attacker can obtain access to these
Procedures it may be possible to compromise the entire
machine. Attackers commonly insert single qoutes into a
URL's query string, or into a forms input field to test for
SQL Injection. If an attacker receives an error message like
the one below there is a good chance that the application is
vulnerable to SQL Injection.
| Is This Answer Correct ? | 6 Yes | 1 No |
Post New Answer View All Answers
What is unpivot?
Why should one not prefix user stored procedures with ‘sp_’?
Explain difference between control flow and data flow?
Do you know nested transaction?
If you are given access to a SQL Server, how do you find if the SQL Instance is a named instance or a default instance?
what is the different types of backups available in sql server? : Sql server database administration
How to download and install microsoft sql server management studio express?
Explain what is the difference between union and union all?
What is a ddl statement?
Can you explain various data region available in ssrs with their use?
How you can get a list of all the table constraints in a database?
What is indexing and its types?
Can you explain different types of joins?
How to connect to a sql server using odbc_connect()?
How to execute stored procedure in select statement sql server?
