Answer Posted / p.ramakrishna
An SQL injection attack "injects" or manipulates SQL code
by adding unexpected SQL to a query.
Many web pages take parameters from web user, and make SQL
query to the database. Take for instance when a user login,
web page that user name and password and make SQL query to
the database to check if a user has valid name and password.
Username: ' or 1=1 ---
Password: [Empty]
This would execute the following query against the users
table:
select count(*) from users where userName='' or 1=1 --' and
userPass=''
Is This Answer Correct ? | 5 Yes | 1 No |
Post New Answer View All Answers
Suppose You Want A Certain Asp.net Function Executed On Mouseover For A Certain Button. Where Do You Add An Event Handler?
what is command line compiler.what are the steps and how it is related to debugging.
Dataset is the disconnected environment. suppose if you are binding records to gridview (disconnected environment) and you are making changes to the the grid but before updating the database if any other user modify the data, how will you avoid such problem?
Why session management is required?
Explain the differences between clr & cts?
How to set the pane area to transparent of a scrollPane component.?
What are web beacons used for?
Where is asp.net view state stored?
What is _dopostback in asp net?
How can you debug your.net application?
Give me one example of Web API Routing?
Can action method static?
explain code with multi inhertance
What is asp.net? How is it different from asp?
Which tool you have done?