SQL Injection (SQLi)
In this attack, a SQL query is injected into the application via input parameters. A successful attack could read sensitive data from the database, modify data in the database, execute operations on the database (including administrative operations), recover files on the DBMS file system, or issue commands to the operating system.