Imperva Blog|Login|中文Deutsch日本語

Videos

Year: 2014 2013 2012 2011 2010 2009 2008 All Hide Descriptions
Selected Tag: Direct Database Access SQL Injection | Show All
Direct Database Access SQL Injection (Database Hacking)

Direct Database Access SQL Injection (Database Hacking)


SQL injection is usually a technique used to take advantage of non-validated input vulnerabilities to pass SQL commands through a Web application for execution by a backend database. Attackers take advantage of the fact that programmers often chain together SQL commands with user-provided parameters, and can therefore embed SQL commands inside these parameters. The result is that the attacker can execute arbitrary SQL queries and/or commands on the backend database server through the Web application. In this example, the database is attacked directly by a non-privileged user through direct interaction with the database - not through a Web application.

Tags: Attack Method, Direct Database Access SQL Injection, SQL Injection, Web Application Security, Database Security

Play Video  
Selected Tag: Direct Database Access SQL Injection | Show All