• Thumbnail for SQL injection
    SQL injection
    In computing, SQL injection is a code injection technique used to attack data-driven applications, in which malicious SQL statements are inserted into...
    40 KB (4,166 words) - 20:02, 19 May 2024
  • Code injection
    Injection flaws are most often found in SQL, LDAP, XPath, NoSQL queries, OS commands, XML parsers, SMTP headers, program arguments, etc. Injection flaws...
    27 KB (2,954 words) - 20:34, 10 May 2024
  • Prepared statement (redirect from Prepare (SQL))
    repeatedly without re-compiling security, by reducing or eliminating SQL injection attacks A prepared statement takes the form of a pre-compiled template...
    15 KB (1,672 words) - 11:34, 12 January 2024
  • Thumbnail for Dependency injection
    Dependency injection
    In software engineering, dependency injection is a programming technique in which an object or function receives other objects or functions that it requires...
    34 KB (3,452 words) - 14:35, 26 April 2024
  • Stored procedure (section Comparison with static SQL)
    directly have. Some protection from SQL injection attacks Stored procedures can be used to protect against injection attacks. Stored procedure parameters...
    12 KB (1,315 words) - 13:40, 19 March 2024
  • Vulnerability database (section SQL injection)
    Subramani, Sarala (2012). "Generation of Sql-injection Free Secure Algorithm to Detect and Prevent Sql-Injection Attacks". Procedia Technology. 4: 790–796...
    16 KB (1,755 words) - 14:19, 21 May 2024
  • Injection
    injection, a software testing technique Network injection, an attack on access points that are exposed to non-filtered network traffic SQL injection,...
    2 KB (288 words) - 17:12, 27 March 2022
  • Thumbnail for Sqlmap
    Sqlmap
    sqlmap is a software utility for automated discovering of SQL injection vulnerabilities in web applications. The tool was used in the 2015 data breach...
    3 KB (153 words) - 06:40, 14 April 2024
  • Damn Vulnerable Web Application
    vulnerabilities and is intended for educational purposes. Cross site scripting SQL injection Porup, J. M. (2018-11-09). "Learn to play defense by hacking these broken...
    1 KB (89 words) - 20:52, 21 December 2023
  • Oracle Application Express
    of &NAME) and these are not safe and lead to SQL Injection. Where the injection occurs within a PL/SQL block an attacker can inject an arbitrary number...
    16 KB (1,621 words) - 19:32, 30 April 2024
  • Thumbnail for WordPress
    WordPress
    the Yoast SEO plugin was vulnerable to SQL injection, allowing attackers to potentially execute arbitrary SQL commands. The issue was fixed in version...
    86 KB (6,176 words) - 20:33, 9 May 2024
  • Thumbnail for Kali Linux
    Kali Linux
    framework), John the Ripper (a password cracker), sqlmap (automatic SQL injection and database takeover tool), Aircrack-ng (a software suite for penetration-testing...
    22 KB (1,859 words) - 13:29, 21 May 2024
  • DSLReports (section 2011 SQL Injection attack)
    dslreports.com. Over a four-hour period on April 27, 2011, an automated SQL Injection attack occurred on the DSLReports website. The attack was able to extract...
    16 KB (1,508 words) - 08:37, 15 March 2024
  • GPT-4
    a test of 89 security scenarios, GPT-4 produced code vulnerable to SQL injection attacks 5% of the time, an improvement over GitHub Copilot from the...
    60 KB (5,834 words) - 07:34, 21 May 2024
  • Thumbnail for Panama Papers
    Panama Papers
    Mossack Fonseca's content management system had not been secured from SQL injection, a well-known database attack vector, and that he had been able to access...
    158 KB (14,413 words) - 16:36, 16 May 2024
  • Thumbnail for H2 (database)
    H2 (database) (section Use of SQL)
    application.[citation needed] The database supports protection against SQL injection by enforcing the use of parameterized statements. In H2, this feature...
    9 KB (958 words) - 14:21, 15 April 2024
  • Double encoding
    schemes and security filters against code injection, directory traversal, cross-site scripting (XSS) and SQL injection. In double encoding, data is encoded...
    14 KB (1,898 words) - 17:01, 3 October 2022
  • Yahoo! Voice
    compromised and 453,491 email addresses and passwords were stolen using SQL injection. A 17 MB text file containing the stolen passwords was released by a...
    4 KB (288 words) - 03:15, 4 July 2023
  • Thumbnail for Drupal
    Drupal
    several backup modules available in Drupal. On 15 October 2014, an SQL injection vulnerability was announced and update was released. Two weeks later...
    53 KB (5,207 words) - 12:43, 20 May 2024
  • HDIV
    any complexity to the application development. A1 (Injection): Injection flaws, such as SQL Injection occur when malicious data is sent to an interpreter...
    10 KB (1,354 words) - 13:42, 14 May 2024
  • XML external entity attack (redirect from XXE injection)
    and disallow any declared DTD included in the XML document. SQL injection Blind SQL injection "What Are XML External Entity (XXE) Attacks". Acunetix. Retrieved...
    8 KB (841 words) - 19:47, 13 November 2023
  • Web development
    security measures to protect against common vulnerabilities, including SQL injection, cross-site scripting (XSS), and cross-site request forgery (CSRF)....
    39 KB (4,681 words) - 18:53, 2 April 2024
  • DevOps
    goal is early detection of defects including cross-site scripting and SQL injection vulnerabilities. Threat types are published by the open web application...
    23 KB (2,558 words) - 00:26, 22 May 2024
  • Taint checking
    associated with web sites which are attacked using techniques such as SQL injection or buffer overflow attack approaches. The concept behind taint checking...
    6 KB (714 words) - 19:49, 6 May 2022
  • Improper input validation
    Buffer overflow Cross-site scripting Directory traversal Null byte injection SQL injection Uncontrolled format string "CWE-20: Improper Input Validation"...
    1 KB (109 words) - 02:39, 24 November 2022
  • Web application firewall
    attacks exploiting a web application's known vulnerabilities, such as SQL injection, cross-site scripting (XSS), file inclusion, and improper system configuration...
    12 KB (1,244 words) - 10:39, 26 April 2024
  • Magic quotes
    prevent inexperienced developers from writing code that was vulnerable to SQL injection attacks. This feature was officially deprecated as of PHP 5.3.0 and...
    8 KB (1,032 words) - 13:16, 2 September 2020
  • Thumbnail for Meredith L. Patterson
    Meredith L. Patterson
    introduced innovative techniques to counter SQL injection attacks and integrated data mining libraries into PostgreSQL databases, giving rise to her startup...
    16 KB (1,382 words) - 15:57, 13 May 2024
  • Defensive programming
    problems, such as old source code written without addressing concerns of SQL injection and privilege escalation, resulting in many security vulnerabilities...
    14 KB (1,800 words) - 22:52, 12 December 2023
  • Thumbnail for Adminer
    Adminer (category MySQL)
    Ukrainian, Vietnamese) SQL syntax highlighting Visual database/E-R schema editing Countermeasures against XSS, CSRF, SQL injection, session-stealing, ....
    4 KB (373 words) - 13:01, 18 October 2022