What is SQL injection?

Answer Posted / sachin

"An attack technique used to exploit web sites by altering
backend SQL statements through manipulating application
input."

SQL Injection happens when a developer accepts user input
that is directly placed into a SQL Statement and doesn't
properly filter out dangerous characters. This can allow an
attacker to not only steal data from your database, but
also modify and delete it. Certain SQL Servers such as
Microsoft SQL Server contain Stored and Extended Procedures
(database server functions). If an attacker can obtain
access to these Procedures it may be possible to compromise
the entire machine. Attackers commonly insert single quotes
into a URL's query string, or into a form's input field to
test for SQL Injection. If an attacker receives an error
message like the one below there is a good chance that the
application is vulnerable to SQL Injection.

Is This Answer Correct ?    1 Yes 0 No


