Many people say they know what SQL injection is , but all they have heard about or experienced are trivial examples. SQL injection is one of the most devastating vulnerabilities to impact a business , as it can lead to exposure of all of the sensitive information stored in an application's database ,including handy information such as usernames, passwords,addresses ,names and etc.
So, what exactly is SQL injection is ??
It is an vulnerability that results when you give an attacker the ability to influence Structured Query Language (SQL) queries that an application passes to a back -end database . By being able to influence what is passed to database ,the attacker can leverage the syntax and capabilities of SQL itself ,as well as the power of flexibility of supporting database functionality and operating system functionality available to the database . SQL injection is not a vulnerability that exclusively affects Web applications .
So ,if you guys want more about it please
COMMENT || UPVOTE || RESTEEM
PLEASE