Questions tagged [sql-injection]

SQL injection is a code injection technique, used to attack data-driven applications, in which malicious SQL statements are inserted into an entry field for execution (e.g. to dump the database contents to the attacker).

SQL injection exploits a type of computer security vulnerability found in applications with SQL databases. It enables attackers to apply malicious SQL commands to the database via user input. It can for example extract, alter or delete sensitive data.

The vulnerability is present when user input is concatenated directly into SQL commands instead of being passed as parameters or properly filtered (also known as "sanitized", e.g. by escaping quote characters). It happens primarily because of poorly written SQL handling code in client applications.

See the well-known Bobby Tables incident for an example, and the community wiki answer to the question How can I prevent SQL injection in PHP?

3768 questions
36 votes, 8 answers

Classic ASP SQL Injection Protection

What is a strong way to protect against SQL injection for a classic ASP app? FYI I am using it with an Access DB. (I didn't write the app)

Daniel A. White
35 votes, 8 answers

SQL injection on INSERT

I have created a small survey web page on our company Intranet. This web page is not accessible from the outside. The form is simply a couple of radio buttons and a comments box. I would like to maintain good coding practices and would like to…

Brad
35 votes, 1 answer

How to prevent sql-injection in nodejs and sequelize?

I want to write custom queries using Sequelize, and as far as possible avoid potential issues with SQL Injection. My question is therefore if there exists a secure way of writing custom queries with inserted variables using Sequelize?
35 votes, 1 answer

How to create a SQL injection attack with Shift-JIS and CP932?

I'm writing some unit tests to ensure my code isn't vulnerable to SQL injection under various charsets. According to this answer, you can create a vulnerability by injecting \xbf\x27 using one of the following charsets: big5, cp932, gb2312, gbk and…

mpen
35 votes, 2 answers

SQL injection? CHAR(45,120,49,45,81,45)

I just saw this come up in our request logs. What were they trying to achieve? The full request string is: properties?page=2side1111111111111 UNION SELECT…

roo
34 votes, 7 answers

Site has been hacked via SQL Injection

Recently my site was hacked via SQL injection. The hacker used the following query to get my DB name. I cannot understand this query they…

surezram
34 votes, 2 answers

Which characters are actually capable of causing SQL injection in MySQL?

We all know that we should use prepared statements or the appropriate replacement/formatting rules in order to prevent SQL injection in our applications. However, when taking a look at MySQL's list of character literals, I noticed that it includes…

schizodactyl
33 votes, 4 answers

Confusion between prepared statement and parameterized query in Python

As far as I understand, prepared statements are (mainly) a database feature that allows you to separate parameters from the code that uses such parameters. Example: PREPARE fooplan (int, text, bool, numeric) AS INSERT INTO foo VALUES($1, $2, $3,…

r_31415
33 votes, 3 answers

Rails SQL injection?

In Rails, when I want to find by a user given value and avoid SQL injection (escape apostrophes and the like) I can do something like this: Post.all(:conditions => ['title = ?', params[:title]]) I know that an unsafe way of doing this (possible SQL…

Yuval Karmi
33 votes, 5 answers

How to prevent SQL Injection with JPA and Hibernate?

I am developing an application using Hibernate. When I try to create a login page, the problem of SQL injection arises. I have the following code: @Component @Transactional(propagation = Propagation.SUPPORTS) public class LoginInfoDAOImpl…

Mr. Singthoi
32 votes, 6 answers

Someone has hacked my database - how?

Someone has hacked my database and has dropped the table. In my PHP page there is one single query where I am using mysql_real_escape_string: $db_host="sql2.netsons.com"; $db_name="xxx"; $username="xxx"; $password="xxx"; …

xRobot
31 votes, 3 answers

How can I prevent SQL injection attacks in Go while using "database/sql"?

Building my first web-app and want to understand SQL injection better (https://github.com/astaxie/build-web-application-with-golang/blob/master/en/eBook/09.4.md). How much protection against SQL injection do I get from just always using the…

John Montague
30 votes, 7 answers

SQL injection attack with php

This is part of an assignment for my computer security class, so I'm not looking for specific answers, just some help. We were given a faulty program (in PHP) that controls a SQL database (a bank account) and we have to find a way to create a SQL…

user1777900
29 votes, 7 answers

Why is using a mysql prepared statement more secure than using the common escape functions?

There's a comment in another question that says the following: "When it comes to database queries, always try and use prepared parameterised queries. The mysqli and PDO libraries support this. This is infinitely safer than using escaping …

João Josézinho
28 votes, 3 answers

Delphi - prevent against SQL injection

I need to protect an application from SQL injection. The application is connecting to Oracle, using ADO, and searches for the username and password to perform the authentication. From what I've read until now, the best approach is by using parameters, not…

RBA