SQL injection. Figure 1 By Kaveri Bhasin. Motive of SQL Injection. Obtain data from database Modify system functions Insert data in the backend database. Figure 2. Victims . Mostly Web applications with user input facilities. . Simplest Procedure. Guess field names.
Mostly Web applications with user input facilities.
101 AND Len(( SELECT first_name FROM user_data WHERE userid =15613)) = 6
Developed by OWASP.org
Free source to experiment and learnt about SQL injection
SQL injection is a serious concern
A single design error can be disastrous for the security of sensitive information