SQL injection what is it?

  • Interview Candidate
  • 3
  • 3644

Showing Answers 1 - 3 of 3 Answers

hemsiri

  • Jul 15th, 2008
 

SQL injection is a technique that exploits a security vulnerability occurring in the database layer of an application. The vulnerability is present when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed and thereby unexpectedly executed. It is in fact an instance of a more general class of vulnerabilities that can occur whenever one programming or scripting language is embedded inside another.

·         SQL Injection is a technique that enables users to pass SQL to an application in a way that was not intended by the developer.·         SQL Injection is usually caused by developers who use “string – building “ techniques to generate SQL that is subsequently executed.·         PeopleSoft recommends you search your PeopleCode for SQL injection vulnerabilities.§  In Application Designer, select Edit, Find In ..§  For Find Type choose SQL Injection in PeopleCode.

  Was this answer useful?  Yes

Give your answer:

If you think the above answer is not correct, Please select a reason and add your answer below.

 

Related Answered Questions

 

Related Open Questions