LKBEN11120: What is SQL Injection?


This article has been checked.

LKB | Created: 02/04/2020 | Version: 1 | Language: EN | Rating: 0 | Outdated: False | Marked for deletion: False

Author: Wim Peeters - Keskon GmbH & Co. KG

Latest update: 05/10/2020 | Comment:


Symptom

You need information about SQL Injection.

Cause

You want to know what SQL-Injection is.

Solution

The exploit of a security breach in conjuncton with SQL databases is called SQL Injection.

The attack is made possible by inadequate masking or verfication of meta characters in user input. An attacker is attempting to smuggle his own instructions through the programm that controls the access to the database. The goal of the attacker is to manipulate the data to his advantage or to gain control of the database server.

About the Author

Wim Peeters is electronics engineer with an additional master in IT and over 30 years of experience including time spent in support, development, consulting, training and database administration. Wim has worked with SQL Server since version 6.5. He has developed in C/C++, Java and C# on Windows and Linux in different European countries and different European languages. He writes knowledge base articles to solve IT problems and publishes them on the Lubby Knowledge Platform where he is one of the most important contributors and the main developer.

Disclaimer:

The information provided in this document is intended for your information only. Lubby makes no claims to the validity of this information. Use of this information is at own risk!