Blind SQL injection: are your web applications vulnerable?
Tuesday, 24th June 2008
Published by:  SQL injection occurs when an application does not properly validate user-supplied input and then includes that input as part of a SQL statement. SQL injection largely depends on an attacker discovering and verifying portions of the original SQL query, using information from error messages. However, web applications can still be vulnerable to blind SQL injection attacks even with no error messages or when they only reveal generic information. |
|
|
||||||
Related White Papers:
» 11 Myths About Microsoft Exchange Disaster Recovery
» 5 Phases of OEM Report Development
» 5 High Impact Fail Points, and How to Avoid Them
» .Net Insight eNewsletter
» 5 High Impact Fail Points, and How to Avoid Them
» Introduction to Free Software
