Interested to Buy Any Domain ? << Click Here >> for more details...
Answer Posted / p.ramakrishna
An SQL injection attack "injects" or manipulates SQL code
by adding unexpected SQL to a query.
Many web pages take parameters from web user, and make SQL
query to the database. Take for instance when a user login,
web page that user name and password and make SQL query to
the database to check if a user has valid name and password.
Username: ' or 1=1 ---
Password: [Empty]
This would execute the following query against the users
table:
select count(*) from users where userName='' or 1=1 --' and
userPass=''
| Is This Answer Correct ? | 5 Yes | 1 No |
Post New Answer View All Answers
Explain how can you debug your .net application?
Describe the differences between the lifecycles of Windows services and Standard EXE?
What are the Types of session management in ASP.NET
Describe the disadvantage of cookies.
What does asp stand for in asp.net?
How many types of cookies are there in asp.net?
What is xaml? Are xaml file compiled or built on runtime?
What's the difference between viewstate and sessionstate?
What is the concept of postback in asp.net?
How many validators do ASP.NET have?
What is route in web api?
What are the validation controls available in ASP.NET?
How to disable disable browser's Back button in asp.net (JavaScript)?
How would you turn off cookies on one page of your website?
What is rending process in ASP.NET?
