Wht is SQL injection?
- 3 Answers
- 6709 Views
- I also Faced
- E-Mail Answers
Answers were Sorted based on User's Feedback
Answer / sachin
"An attack technique used to exploit web sites by altering
backend SQL statements through manipulating application
input."
SQL Injection happens when a developer accepts user input
that is directly placed into a SQL Statement and doesn't
properly filter out dangerous characters. This can allow an
attacker to not only steal data from your database, but
also modify and delete it. Certain SQL Servers such as
Microsoft SQL Server contain Stored and Extended Procedures
(database server functions). If an attacker can obtain
access to these Procedures it may be possible to compromise
the entire machine. Attackers commonly insert single qoutes
into a URL's query string, or into a forms input field to
test for SQL Injection. If an attacker receives an error
message like the one below there is a good chance that the
application is vulnerable to SQL Injection.
| Is This Answer Correct ? | 1 Yes | 0 No |
Answer / babuni
SQL injection is a technique that exploits a security vulnerability occurring in the database layer of an application. The vulnerability is present when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed and thereby unexpectedly executed. It is in fact an instance of a more general class of vulnerabilities that can occur whenever one programming or scripting language is embedded inside another.
| Is This Answer Correct ? | 0 Yes | 0 No |
Answer / pravati
sql injection is an attack in which malicious code is inserted to expose hidden data or to override valuable ones.
| Is This Answer Correct ? | 0 Yes | 0 No |
Write Test cases on pen?
2 Answers Cap Gemini, PanTerra,
Can anyone explain Boundary value Analysis and equavelance partition with real time example
Can u tell something about the Agile Methodology
The project is going through the maintainance phase I logged a defect which is critical for resolving ,the developement team is in US when they got the reported bug they gave the xplanation that it is a six year old written code moreover we don't have proper followup documents to authenticate this one....in this senario wat will u do??
Wat is de difference btw inspection and walkthrough in static testing?
How to test for improper links or broken links and would be there impact on the system?
Write 10 test scenarios to test remember me checkbox present in login window
Can anybody give me some tips on how to face telephonic interview and Write some expected telephonic questions as a 2+yr exp. in testing. Try to give Ques. that u already hv faced in telephone. Plz Help me out friends.
A defect posted by another tester, and it is fixed, and that fixed bug has come to you for testing, and you don't know the functionality, what do you do ?
what is e-tester?
Can anyone explain me about Tracebilit metrics?
What is Testpolicy document explain in detail? What is the use of this Document?
Automation Testing 
