Top "Sql-injection" questions

SQL injection is a code injection technique, used to attack data-driven applications, in which malicious SQL statements are inserted into an entry field for execution (e.g. to dump the database contents to the attacker).

Sanitizing user inputs with Spring MVC framework

I am working on a web application using the Spring MVC framework. I wanted to know if there is any best way to …

spring-mvc spring-security xss sql-injection

How to use SQL parameters to get dataset from SQL Server

I'm working on a C# project and I'm new to this technology. I want to read some data from SQL Server 2008, …

c# sql sql-server sql-injection sqlparameter

How can I prevent SQL injection attacks in Go while using "database/sql"?

Building my first web-app and want to understand SQL injection better (https://github.com/astaxie/build-web-application-with-golang/blob/master/en/eBook/09.4.…

go sql-injection

Testing for security vulnerabilities in web applications: Best practices?

I'm developing a web application. Like, a proper one, I've used things like Joomla in the past to make awesome …

php mysql security sql-injection

SQL Server - Dynamic PIVOT Table - SQL Injection

Sorry for the long question but this contains all the SQL I've used to test the scenario to hopefully make …

sql-server sql-server-2005 sql-injection pivot dynamic-pivot

How is SQL injection typically stopped in a Spring/Hibernate setup

I hate the Ruby language because it's not statically typed but the more time I spend with Spring/Hibernate I …

java sql hibernate spring-mvc sql-injection

What does bind_param accomplish?

I'm learning about avoiding SQL injections and I'm a bit confused. When using bind_param, I don't understand the purpose. …

php sql mysqli sql-injection bindparam

SQLMAP - Post JSON data as body

Hi, I'm trying to do a SQL injection in a login form. With BurpSuite I intercept the request: POST /xxxx/…

sql sql-injection burp sqlmap

Is the @Query annotation in spring SQL Injection safe?

Do the parameters of a string passed to the @Query annotation, for Spring, get treated as pure data as they …

java spring sql-injection spring-annotations

SQL injection? CHAR(45,120,49,45,81,45)

I just saw this come up in our request logs. What were they trying to achieve? The full request string …

sql-injection