What is SQL Injection?

1 Answer

answered Jan 16, 2020 by Eresh Kumar (45.3k points)

SQL Injection (SQLi) is an injection attack that allows the execution of malicious SQL statements. These SQL statements control the server of the database. Attackers make use of the vulnerabilities of this SQL Injection in order to bypass the security measures of an application. They can easily authenticate and authorize the web pages and applications to retrieve confidential SQL database information. They can also add, update, and delete data records from the database using SQLi.

The most common types of SQLi attack are as follows:

Data deletion
Updating the data
Data insertion
Execution of commands on the database server that can lead to installation of Trojan and other malicious programs

If you want to learn more about SQL and SQLi then you must read the SQL Tutorial.

Also, check out this video on SQL:

Related questions

0 votes

1 answer

What is sql injection?

asked Oct 19, 2020 in SQL by dev_sk2311 (45k points)

0 votes

1 answer

SQL injection that gets around mysql_real_escape_string()

asked Dec 31, 2020 in SQL by Appu (6.1k points)

0 votes

1 answer

In PHP how can I prevent SQL injection ?

asked Nov 29, 2020 in SQL by Appu (6.1k points)

0 votes

1 answer

How does a PreparedStatement avoid or prevent SQL injection?

asked Jul 24, 2019 in SQL by Tech4ever (20.3k points)

0 votes

1 answer

Java - escape string to prevent SQL injection

asked Nov 25, 2019 in Java by Anvi (10.2k points)

Browse Categories

...