Discussion in 'other firewalls' started by phantumdude, Sep 16, 2007.
HI all. i wanna know what an SQL injection is. IS it a type of attack?
Perhaps you mean SQL slammer?
actually m having a doubt whether SQL injection means altering the contents of the database. Is there a possibility of any intruder changing the contents of a public database server??.....for eg: changing the contents of the webpage hosted by me?!?!
Yes and I think you are referring to the following kind of attack
Assume you have the following URL
It is safe to assume that the "productid" parameter is a key to some record in a database. A hacker will then then replace "123" with SQL logic that could either return private data or corrupt databases. The hackers are hoping that the web developers is not checking to see if the productid has a valid entry.
See the following URL for more info
Separate names with a comma.