Slideshow: Five common Web application vulnerabilities and mitigations

2/6

How to resolve SQL injection vulnerabilities? Trust no one!

Source:  Thinkstock

Injection vulnerabilities are among the most serious flaws endangering Web applications. Though injection attacks can come in a variety of forms, from operating system to LDAP injection, SQL injection is among the most likely choices for attackers. SQL injection occurs when SQL code is added to a Web form input inbox. Many sites don't check to make sure the user-supplied data is valid before generating a SQL query, allowing attackers to submit malicious SQL queries directly to a database. To prevent injection attacks, Web applications must be configured to assume that all external data comes from an untrusted source, and all user-supplied data must be validated.

View All Photo Stories

Join the conversation

1 comment

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

I hope others read this and take a look at their systems.  It's amazing that some do nothing to prevent this kind of security flaw. After exposing this, it may want to make some people try their hand a hacking. This just makes the issue even more widespread.

Cancel

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close