Questions tagged [sql-injection]

SQL injection is a code injection technique, used to attack data-driven applications, in which malicious SQL statements are inserted into an entry field for execution (e.g. to dump the database contents to the attacker).

SQL injection exploits a type of computer security vulnerability found in applications with SQL databases. It enables attackers to execute malicious SQL commands against the database via user input, for example to extract, alter or delete sensitive data.

The vulnerability is present when user input is used directly in SQL commands instead of being passed as parameters or properly filtered (also known as "sanitized", e.g. by escaping quote characters). It happens primarily because of poorly written SQL handling code in client applications.

See the famous example, the Bobby Tables incident, and the answer to the community wiki question "How can I prevent SQL injection in PHP?"


3768 questions
1 vote, 1 answer

How to generate ActiveQuery with client defined query string parameters safely in Yii2?

Is there a safe way to generate a conditional clause for the Yii2 ORM from query string parameters? For example, we require a list of some food products, filtering by their properties: GET /food/?weight[>]=1000&calories=[<]=200 And there are plenty of…
Dmitry Nevzorov
  • 595
  • 8
  • 16
1 vote, 2 answers

ColdFusion sql issue

Ran a security scan against a URL and received the report below: The vulnerability affects /rolecall.cfm , bbb_id This is the rolecall.cfm code: if (isDefined("url") and isDefined("url.bbb_id")) { if (url.dept_id eq -1) …
FunkoRobo
  • 11
  • 2
1 vote, 1 answer

How to avoid an HTTP Header Injection attack

I use the CheckMarx platform to test the security of my site (to test the contact form), but unfortunately it tells me about Header Injection risks. I've already applied some checks for this but it still tells me about the risk. In what exactly can be the…
Taras Chernata
  • 371
  • 8
  • 17
1 vote, 1 answer

Can't find commands at the end

I tried an SQL injection on a private VM and used sqlmap. Somehow the command: sqlmap -u http://link/index.html?page=blog&title=Blog&id=5 --random-agent Gives me: [2] 16 [3] 17 -bash: --random-agent: command not found [1] Done …
Simon Huenecke
  • 97
  • 1
  • 1
  • 7
1 vote, 3 answers

SQL injection prevention in C# influx client

I am trying to write Influx queries and to prevent SQL injection using bind parameters. The Influx documentation talks about CURL commands here and I saw a GitHub issue relating to their Java client here Could someone please help me with SQL…
Sheena Agrawal
  • 700
  • 1
  • 7
  • 15
1 vote, 3 answers

Using Nested SQL Sub-queries in SQL Injection

This question just came into my mind and I wasn't able to find this anywhere, so I thought this would be the best place to ask. This is just for educational purposes. I use proper sanitization and haven't provided DROP permission for my real database. Let's…
Hackinet
  • 3,252
  • 1
  • 10
  • 22
1 vote, 1 answer

Creating SQL-Injection proof dynamic where-clause from collection in PL/SQL

I need to execute a query where the where-clause is generated based on user input. The input consists of 0 or more pairs of varchar2s. For example: [('firstname','John') ,('lastname','Smith') ,('street','somestreetname')] This would translate…
Kenny Steegmans
  • 307
  • 4
  • 21
1 vote, 1 answer

False positive SQL Injection by ZAP in Spring MVC

I have a spring-mvc web application which is "Active scanned" by the ZAP tool. It has two High/Medium alerts for SQL Injection which I believe are false positives. The original URL is /msg/showList? which returns 200 OK and a JSON list of messages. ZAP…
Hima
  • 83
  • 1
  • 8
1 vote, 1 answer

Inserting data to mysql, avoiding sql injection using python

Where am I going wrong? The query runs successfully but no data is stored in the database table. My block of code is import pymysql db = pymysql.connect(host='', user='',…
1 vote, 3 answers

How does using parameters prevent SQL injection?

How does using parameters prevent SQL injection? A lot of people are saying that using parameters instead of input strings (coming from for example, website's users) can prevent SQL injection. But I don't get it, I mean how is "drop database"…
Rocket128
  • 123
  • 3
  • 13
1 vote, 1 answer

Codeigniter Active record SQL injection

Is the query below vulnerable to SQL Injection, where $evilInput comes from a GET/POST request? $this->db->select($evilInput); $this->db->where($evilInput2 ,"abc"); $query = $this->db->get($evilInput3); $count =…
Danish
  • 13
  • 4
1 vote, 1 answer

Anti SQL-injection in Magento

I searched for anti SQL-injection code. The following code is what I adopted. I want to re-confirm that the following PHP code can prevent SQL injection $sql_select = " SELECT * FROM main_tbl WHERE ( (((main_tbl.from_id = :sender_id) AND…
Knowledge Drilling
  • 986
  • 1
  • 8
  • 22
1 vote, 1 answer

Avoiding SQL injection while constructing SELECT

I want to avoid SQL injections. I am posting the question by simplifying the problem I am working on. The client wants to view a set of columns from a table. It passes the table name and a list of columns. The client is aware of the table name and…
DKG
  • 377
  • 5
  • 14
1 vote, 4 answers

Is SQL injection possible with this query?

UPDATE `company` SET `itnumber` = '595959' WHERE (id = 932) So the value of itnumber is coming from user input for that company. I want to make sure I am able to prevent any kind of SQL injection. So the user inputs 595959 and I build that value as…
yogsma
  • 10,142
  • 31
  • 97
  • 154
1 vote, 2 answers

Is it possible to perform a SQL Injection on an application that uses Entity Framework?

Can Entity Framework be hacked? Is it possible to perform a SQL Injection on an application that uses EF? If so, can someone please provide a full example of how that might be done? I couldn't find anything specific to EF in C#.
Yusha
  • 1,496
  • 2
  • 14
  • 30