Slideshow: Five common Web application vulnerabilities and mitigations


How to resolve SQL injection vulnerabilities? Trust no one!

Source:  Thinkstock

Injection vulnerabilities are among the most serious flaws endangering Web applications. Though injection attacks can come in a variety of forms, from operating system to LDAP injection, SQL injection is among the most likely choices for attackers. SQL injection occurs when SQL code is added to a Web form input inbox. Many sites don't check to make sure the user-supplied data is valid before generating a SQL query, allowing attackers to submit malicious SQL queries directly to a database. To prevent injection attacks, Web applications must be configured to assume that all external data comes from an untrusted source, and all user-supplied data must be validated.

View All Photo Stories

Join the conversation

1 comment

Send me notifications when other members comment.

Please create a username to comment.

I hope others read this and take a look at their systems.  It's amazing that some do nothing to prevent this kind of security flaw. After exposing this, it may want to make some people try their hand a hacking. This just makes the issue even more widespread.