Data Management

Direct Database Access SQL Injection (Database Hacking)

Date Added: Jan 2011
Format: Webcast

SQL injection is usually a technique used to take advantage of non-validated input vulnerabilities to pass SQL commands through a Web application for execution by a backend database. Attackers take advantage of the fact that programmers often chain together SQL commands with user-provided parameters, and can therefore embed SQL commands inside these parameters.