The IRMA Community
Newsletters
Research IRM
Click a keyword to search titles using our InfoSci-OnDemand powered search:
|
Prevention of SQL Injection Attacks in Web Browsers
Abstract
Applications that operate on the Web often interact with a database to persistently store data. For example, if an e-commerce application needs to store a user's credit card number, they typically retrieve the data from a Web form (filled out by the customer) and pass that data to some application or script running on the company's server. The dominant language that these database queries are written in is SQL, the Structured Query Language. Web applications can be vulnerable to a malicious user crafting input that gets executed on the server. One instance of this is an attacker entering Structured Query Language (SQL) commands into input fields, and then this data being used directly on the server by a Web application to construct a database query. The result could be an attacker's gaining control over the database and possibly the server. Care should be taken to validate user input on the server side before user data is used.
Related Content
Babita Srivastava.
© 2024.
21 pages.
|
Sakuntala Rao, Shalini Chandra, Dhrupad Mathur.
© 2024.
27 pages.
|
Satya Sekhar Venkata Gudimetla, Naveen Tirumalaraju.
© 2024.
24 pages.
|
Neeta Baporikar.
© 2024.
23 pages.
|
Shankar Subramanian Subramanian, Amritha Subhayan Krishnan, Arumugam Seetharaman.
© 2024.
35 pages.
|
Charu Banga, Farhan Ujager.
© 2024.
24 pages.
|
Munir Ahmad.
© 2024.
27 pages.
|
|
|