hi i am swagata i would like to get details about sql injection seminar . in few days i have to deliver a presentation to computer engg fellow mates.. i would like to get some ideas about sql injection from you so that i can give a good understanding to them. currently i am in my final year of btech engg.please respond to my msdg i wud be very grateful .thank u
Posts: 14,118
Threads: 61
Joined: Oct 2014
SQL Injection is a code injection technique used to attack data-driven applications in which nefarious SQL statements are inserted into an input field for execution (for example, to dump the contents of the database to the Attacker). SQL injection should exploit a security vulnerability in an application's software, for example, when user input is incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not written strongly and Is executed unexpectedly. SQL injection is primarily known as an attack vector for websites but can be used to attack any type of SQL database.
SQL injection attacks allow attackers to forge identity, manipulate existing data, cause rejection problems such as nullifying transactions or changing balances, allowing full disclosure of all system data, destroying data or making them base server of data. In a 2012 study, it was noted that the average web application received 4 attack campaigns per month, and retailers received twice as many attacks as other industries.