Questions tagged [sql-injection]

SQL injection is a code injection technique, used to attack data-driven applications, in which malicious SQL statements are inserted into an entry field for execution (e.g. to dump the database contents to the attacker).

SQL injection exploits a type of security vulnerability found in applications backed by SQL databases. It lets attackers run malicious SQL commands against the database via user input, for example to extract, alter or delete sensitive data.

The vulnerability is present when user input is concatenated directly into SQL statements instead of being passed as parameters or properly filtered (also known as "sanitized", e.g. by escaping quote characters). It arises primarily from poorly written SQL handling code in client applications.

See the famous example, the Bobby Tables incident, and the community wiki answer to the question How can I prevent SQL injection in PHP?

3768 questions
27 votes, 4 answers

Using Magento Methods to write Insert Queries with care for SQL Injection

I am using Magento's functionality to insert & update queries. My requirement is that I want to take care of SQL Injection, when doing these types of queries. But I'm unable to find how Magento does this. I'm providing one start sample. Please…
Knowledge Craving
26 votes, 6 answers

How can I automatically test my site for SQL injection attacks, using either a script or program?

I've searched and found a good discussion here on SO, but it is several years old. What programs are there, or is there a simple script I can run, to find the SQL injection holes in the URLs in my entire site? Preferably, I'd like to run a script…
Luke Shaheen
25 votes, 4 answers

Testing for security vulnerabilities in web applications: Best practices?

I'm developing a web application. Like, a proper one, I've used things like Joomla in the past to make awesome stuff but have now finally got my hands dirty with PHP, MySQL and CodeIgniter. When you're making serious web apps that'll handle large…
Jack
25 votes, 3 answers

How can I prevent SQL injection in PYTHON-DJANGO?

If a lamer input is inserted into an SQL query directly, the application becomes vulnerable to SQL injection, like in the following example: dinossauro = request.GET['username'] sql = "SELECT * FROM user_contacts WHERE username = '%s';" %…
Jayron Soares
24 votes, 5 answers

Is there anything that can be put after the "ORDER BY" clause that can pose a security risk?

Basically, what I want to do is this: mysql_query("SELECT ... FROM ... ORDER BY $_GET[order]") They can obviously easily create a SQL error by putting non-sense in there, but mysql_query only allows you to execute 1 query, so they can't put…
mpen
24 votes, 8 answers

Catching SQL Injection and other Malicious Web Requests

I am looking for a tool that can detect malicious requests (such as obvious SQL injection gets or posts) and will immediately ban the IP address of the requester/add to a blacklist. I am aware that in an ideal world our code should be able to handle…
Schmidty
23 votes, 9 answers

How to prevent a SQL Injection escaping strings

I have some queries (to an Access database) like this: string comando = "SELECT * FROM ANAGRAFICA WHERE E_MAIL='" + user + "' AND PASSWORD_AZIENDA='" + password + "'"; and I'd like to "escape" user and password, preventing an injection. How can I…
markzzz
23 votes, 1 answer

Is Spring Data JPA safe against SQL injection

I am trying to find information about Spring Security JPA and if methods like .save() are protected from SQL injection. For instance I have object Customer that I want to persist to my database. I am using CustomerRepository Spring implementation…
Dago
22 votes, 6 answers

Attempted SQL injection attack - what are they trying to do?

I have a public facing website that has been receiving a number of SQL injection attacks over the last few weeks. I exclusively use parameterised stored procedures so I believe that there have been no successful attacks, but a recent log showed an…
Guy
22 votes, 4 answers

Found 'OR 1=1/* sql injection in my newsletter database

I found the following in the "e-mail" field of my newsletter subscriber database: ' OR 1=1/* I know it's a SQL injection, but that's it. I've googled it a little bit, but I'm still not clear on what exactly it's trying to achieve. This occurred early…
22 votes, 2 answers

Do hard-to-guess SQL database table and column names help prevent SQL injection?

I just met a developer who prepended every table and column name in his MySQL databases with an underscore (e.g. _users, _name, _active). When I questioned the practice he stated that this helps prevent SQL injection attacks. I have never come…
foiseworth
21 votes, 3 answers

How can I prevent SQL injection with dynamic tablenames?

I had this discussion with a high reputation PHP guy: PDO has no use here. as well as mysql_real_escape_string. extremely poor quality. This of course is cool, but I honestly don't know what's wrong with suggesting use of…
Johan
21 votes, 15 answers

Non-web SQL Injection

There seems to be some hysteria about SQL Injection attacks. Most recently, here How to return the value in one field based on lookup value in another field If I'm creating a macro in Excel that connects to an Access database, do I really have to…
Dick Kusleika
21 votes, 7 answers

Found a weak escape function for MySql, how to exploit?

In an application I'm working on I've found a weak escape function to prevent injection. I'm trying to prove this, but I'm having trouble coming up with a simple example. The escape function works as follows (PHP example). function escape($value)…
Evert
21 votes, 2 answers

Strange URL containing 'A=0 or '0=A in web server logs

During the last weekend some of my sites logged errors implying wrong usage of our URLs: ...news.php?lang=EN&id=23'A=0 or ...news.php?lang=EN&id=23'0=A instead of ...news.php?lang=EN&id=23 I found only one page originally which mentioned this…
Atara