Attackers can inject arbitrary SQL code to be executed against the database. In the example below, the code will trigger an alert if SQL code exists that has a different “drop-dead” date than the current date:

The id parameter is typically used to identify a specific record. In this case, an attacker can use the id parameter to inject SQL code that can be used to alter the current record’s drop-dead date. For example, if the current record’s drop-dead date is set to “1 week”, then an attacker can inject SQL code to set the record’s drop-dead date to a date such as “1 month”.

SQL Injection

SQL injection is a class of vulnerabilities that occur when user input is used in an SQL statement without adequate context validation. This can lead to the execution of arbitrary SQL commands, inserting and deleting data from the database, or accessing unauthorized information.
The vulnerability occurs because the application does not properly filter or sanitize user input. An attacker can use this vulnerability to execute malicious SQL queries that may result in unauthorized access to sensitive data or cause denial-of-service (DoS) attacks against the database server.
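The id-parameter case described above, as an added example that is not code from the original page: an update built by string concatenation beside the same update with input validation and bound parameters. The table, column names, function names and the crafted id value are assumptions constructed for illustration, using Python's sqlite3 module.

```python
import sqlite3

# Constructed sample rows: (id, owner, drop_dead)
ROWS = [(1, "alice", "1 week"), (2, "bob", "1 week"), (3, "carol", "1 week")]

def make_db():
    """Create an in-memory database holding the constructed sample table."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE records (id INTEGER PRIMARY KEY, owner TEXT, drop_dead TEXT)")
    db.executemany("INSERT INTO records VALUES (?, ?, ?)", ROWS)
    return db

def extend_vulnerable(db, record_id, new_date):
    # VULNERABLE on purpose: both values are pasted into the statement text,
    # so the database parses whatever the caller sent as part of the SQL.
    sql = "UPDATE records SET drop_dead = '" + new_date + "' WHERE id = " + record_id
    return db.execute(sql).rowcount

def extend_hardened(db, record_id, new_date):
    # Context validation: a record id must be a plain decimal integer.
    if not (record_id.isascii() and record_id.isdigit()):
        raise ValueError("id must be a decimal integer")
    # Bound parameters travel separately from the statement text and are
    # never parsed as SQL.
    cur = db.execute("UPDATE records SET drop_dead = ? WHERE id = ?",
                     (new_date, int(record_id)))
    return cur.rowcount

def dates(db):
    """Return every record's drop_dead value, ordered by id."""
    return [r[0] for r in db.execute("SELECT drop_dead FROM records ORDER BY id")]

def demo():
    crafted = "1 OR 1=1"  # constructed input: the WHERE clause becomes always true
    db = make_db()
    vuln_rows = extend_vulnerable(db, crafted, "1 month")  # touches every row
    vuln_dates = dates(db)
    db = make_db()
    try:
        extend_hardened(db, crafted, "1 month")
        rejected = False
    except ValueError:
        rejected = True
    ok_rows = extend_hardened(db, "1", "1 month")  # legitimate request, one row
    return vuln_rows, vuln_dates, rejected, ok_rows, dates(db)

if __name__ == "__main__":
    print(demo())
```

A rows-affected count larger than one for a single-record update is also a useful signal to log and alert on.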

SQL Injection - Stored Procedure

SQL Injection is the process of injecting malicious SQL code into a web application. This can lead to systematic damage within the database or access to sensitive information, such as credit card numbers.
The injection could be done in two ways:
- directly in the web page’s HTML
- by submitting a form with malicious code

SQL Injection vulnerabilities are common in applications that return data from a database. These applications often follow the same pattern of returning data formatted according to specific requirements:
- SELECT/INSERT/UPDATE/DELETE operations
- DELETE statements with pattern matching in WHERE clauses
- queries that call functions such as CONCAT(), COUNT() and SUBSTR()

Timeline

Published on: 09/12/2022 23:15:00 UTC
Last modified on: 09/15/2022 04:16:00 UTC
