Answer Posted / sachin
"An attack technique used to exploit web sites by altering
backend SQL statements through manipulating application
input."
SQL Injection happens when a developer accepts user input
that is directly placed into a SQL Statement and doesn't
properly filter out dangerous characters. This can allow an
attacker to not only steal data from your database, but
also modify and delete it. Certain SQL Servers such as
Microsoft SQL Server contain Stored and Extended Procedures
(database server functions). If an attacker can obtain
access to these Procedures it may be possible to compromise
the entire machine. Attackers commonly insert single quotes
into a URL's query string, or into a form's input field to
test for SQL Injection. If an attacker receives an error
message like the one below there is a good chance that the
application is vulnerable to SQL Injection.
| Is This Answer Correct ? | 1 Yes | 0 No |
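The pattern the answer describes, shown as an added example that is not part of the original answer: a query built by string concatenation raises a database error on input containing a single quote, while the same lookup with a bound parameter treats the quote as data. The table, column and function names are assumptions, and the rows are constructed sample data in an in-memory SQLite database.

```python
import sqlite3

def make_db():
    # Constructed sample data; nothing here comes from the original page.
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT)")
    conn.executemany("INSERT INTO users (name) VALUES (?)",
                     [("alice",), ("O'Brien",)])
    return conn

def find_user_concat(conn, name):
    # Vulnerable pattern: input is pasted into the SQL text, so a quote
    # in the input ends the string literal and changes the statement.
    sql = "SELECT id, name FROM users WHERE name = '" + name + "'"
    return conn.execute(sql).fetchall()

def find_user_param(conn, name):
    # Hardened pattern: the SQL text is fixed and the input is bound as a value.
    sql = "SELECT id, name FROM users WHERE name = ?"
    return conn.execute(sql, (name,)).fetchall()

def probe(conn, name):
    """Return (concat result or error label, parameterized result) for one input."""
    try:
        concat = find_user_concat(conn, name)
    except sqlite3.Error as exc:
        # This is the kind of error message the answer refers to.
        concat = "error: " + type(exc).__name__
    return concat, find_user_param(conn, name)

if __name__ == "__main__":
    conn = make_db()
    for name in ["alice", "O'Brien"]:
        print(repr(name), probe(conn, name))
```

Running this check against your own data-access functions with quote-containing names shows which ones still build SQL from strings.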