Understanding SQL Injection Attacks
SQL injection was one of the primary attack vectors responsible for many of 2011’s high profile compromises including Sony Pictures, HBGary, and PBS. It was also responsible for the more recent Adobe data breach in which names, email addresses, and password hashes were stolen from one of their customer databases. SQL injection is a dangerous vulnerability that is easily detected and inexpensive to fix.
Further information on this exploit can be found in the article entitled “Understanding SQL Injection Attacks” which is available via the TTCSIRT Website at https://ttcsirt.gov.tt/documents/sqlinjection.pdf |