Golgappa.net | Golgappa.org | BagIndia.net | BodyIndia.Com | CabIndia.net | CarsBikes.net | CarsBikes.org | CashIndia.net | ConsumerIndia.net | CookingIndia.net | DataIndia.net | DealIndia.net | EmailIndia.net | FirstTablet.com | FirstTourist.com | ForsaleIndia.net | IndiaBody.Com | IndiaCab.net | IndiaCash.net | IndiaModel.net | KidForum.net | OfficeIndia.net | PaysIndia.com | RestaurantIndia.net | RestaurantsIndia.net | SaleForum.net | SellForum.net | SoldIndia.com | StarIndia.net | TomatoCab.com | TomatoCabs.com | TownIndia.com
Interested to Buy Any Domain ? << Click Here >> for more details...

  1. Categories >> Software >> Testing >> Manual Testing
  2. Suggest New Category

Wht is SQL injection?

Question Posted / mustafa

Answers were Sorted based on User's Feedback



Wht is SQL injection?..

Answer / sachin

"An attack technique used to exploit web sites by altering
backend SQL statements through manipulating application
input."

SQL Injection happens when a developer accepts user input
that is directly placed into a SQL Statement and doesn't
properly filter out dangerous characters. This can allow an
attacker to not only steal data from your database, but
also modify and delete it. Certain SQL Servers such as
Microsoft SQL Server contain Stored and Extended Procedures
(database server functions). If an attacker can obtain
access to these Procedures it may be possible to compromise
the entire machine. Attackers commonly insert single qoutes
into a URL's query string, or into a forms input field to
test for SQL Injection. If an attacker receives an error
message like the one below there is a good chance that the
application is vulnerable to SQL Injection.

Is This Answer Correct ?    1 Yes 0 No

Wht is SQL injection?..

Answer / babuni

SQL injection is a technique that exploits a security vulnerability occurring in the database layer of an application. The vulnerability is present when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed and thereby unexpectedly executed. It is in fact an instance of a more general class of vulnerabilities that can occur whenever one programming or scripting language is embedded inside another.

Is This Answer Correct ?    0 Yes 0 No

Wht is SQL injection?..

Answer / pravati

sql injection is an attack in which malicious code is inserted to expose hidden data or to override valuable ones.

Is This Answer Correct ?    0 Yes 0 No

Post New Answer

More Manual Testing Interview Questions

How would you ensure 100% coverage of testing?

2 Answers  

how to write test cases for epos/pos testing.

0 Answers   IBM,

what is the difference bug,defect,error

3 Answers  

Explain me in detail V model with diagram?

1 Answers   CybAge,

what is system testing? as test eng, what do u do in sys testing? who invoves in sys testing?

0 Answers   IBM,

If there are so many bugs open and still the client want the s/w what will you do?

2 Answers   HCL,

what is meant by deffered status

6 Answers   Infotech,

Who will Prepare the Tracebility Matrix?

4 Answers   Cap Gemini, Ramco, Wipro,

5 positive and 5 negative test cases for yahoo login window

6 Answers   IBM,

In Agile process, If you have not completed task in the Sprint time, How do you complete the task or do you add the task to next sprint.

2 Answers   Cap Gemini,

wat kinds of documents requied during regression testion ? at time regression testing is done? can we do it repeatdly

2 Answers  

Can anyone tell me the test scenario for railway reservation online booking. I need all test scenario.... please friends help me.

1 Answers   Accenture,

For more Manual Testing Interview Questions Click Here
Categories