SQL Injection

Results from failure of the application to appropriately validate input. When specially crafted user‐ controlled input consisting of SQL syntax is used without proper validation as part of SQL queries, it is possible to glean information from the database in ways not envisaged during application design.


SQL Injection

Results from failure of the application to appropriately validate input. When specially crafted user‐ controlled input consisting of SQL syntax is used without proper validation as part of SQL queries, it is possible to glean information from the database in ways not envisaged during application design.

Used in methodology