What is SQL injection?

Question Posted / guest

2 Answers
6529 Views
I also Faced
E-Mail Answers

Answers were Sorted based on User's Feedback

What is SQL injection?..

Answer / p.ramakrishna

An SQL injection attack "injects" or manipulates SQL code
by adding unexpected SQL to a query.
Many web pages take parameters from web user, and make SQL
query to the database. Take for instance when a user login,
web page that user name and password and make SQL query to
the database to check if a user has valid name and password.
Username: ' or 1=1 ---
Password: [Empty]
This would execute the following query against the users
table:
select count(*) from users where userName='' or 1=1 --' and
userPass=''

Is This Answer Correct ?

5 Yes

1 No

What is SQL injection?..

Answer / sathya s.d.

using sql query in a login id and password and automaticaly
login by verifying raw query with database..

Is This Answer Correct ?

0 Yes

0 No

Post New Answer

More ASP.NET Interview Questions

I am opening Crystal Report in asp.Net 3.5. Report is opening very well but when I click on Refresh button of Crystal Report then it gives "Missing Parameter values" I also tried property of CR Viewer like crViewer.ReuseParameterValuesOnRefresh = True But it is not working. Plz give me solution.

1 Answers

What is a web api? Which protocol is used in a web api?

0 Answers

Explain the difference between panel and groupbox classes using .net?

0 Answers

What are the new web part controls in asp.net 2.0 ?

0 Answers

What is CSS? What is the advantage os using CSS in ASP.NET Web Applications?

2 Answers PCS,

Diff B/W user control and server control

3 Answers

How does session state work in asp.net?