How to Fix SQL Injection Vulnerabilities
How to Fix SQL Injection Vulnerabilities
or most organizations thier database is the heart of its operation (or
atleast the kidney). The banks, shopping portals, payment gateways, news
portals and even corporate CRM/SAP systems all depend up the database
to fetch information, facilitate transactions and store user
information. Millions of transactions happen every day on any leading
online air ticket booking site. What happens when the critical data that
runs your business is not safe anymore? What if an un-authorized person
gets access to your database and in-turn your network?
What is an SQL Injection and what can an attacker do?
An SQL Injection attack is a code injection attack when input from an
attacker reaches one of your databases without any filteration or
validation. As a result of such an attack, a malicious user may be able
to:
- Execute any read / write / update / delete query on your database.
- Execute system level commands and retrieve the output.
- Read / write files into any accessible location on the server.
How do I fix an SQL Injection?
The following posts provided specific details for fixing SQL injection
vulnerabilities in various programming languages and through a variety
of methods.
PHP
- Fixing SQL Injection in PHP and MySQL
- Fixing SQL Injection in PHP and MSSQL
- Fixing SQL Injection in PHP and Oracle
ASP
- Fixing SQL Injection in ASP and MySQL
- Fixing SQL Injection in ASP and MSSQL
- Fixing SQL Injection in ASP and Oracle
.NET
- Fixing SQL Injection in .NET and MySQL
- Fixing SQL Injection in .NET and MSSQL
- Fixing SQL Injection in .NET and Oracle
Java
nice article
ReplyDeletefor related articles please visit: latest cyber security updates.
Delete