We examine the following :
SQL injection
XSS
CSRF
SQL injection is a basic attack used to either gain unauthorized access to a database or to retrieve information directly from the database.
The principles behind a SQL injection are simple and these types of attacks are easy to execute and master.
SQL injection is a code injection technique that exploits a security vulnerability occurring in the database layer of an application.
The vulnerability is present when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed.
Basic examples of injection attacks�
Assume the application is vulnerable to SQL injection, as it uses unvalidated user input to form SQL strings.
For instance, the following application has an email form where users enter their email address:
select email from users where email = ‘
where is what you enter in the form.
If we enter someone@somewhere.com in the form, the resulting SQL is:
select email from users where email = someone@somewhere.com
المادة المعروضة اعلاه هي مدخل الى المحاضرة المرفوعة بواسطة استاذ(ة) المادة . وقد تبدو لك غير متكاملة . حيث يضع استاذ المادة في بعض الاحيان فقط الجزء الاول من المحاضرة من اجل الاطلاع على ما ستقوم بتحميله لاحقا . في نظام التعليم الالكتروني نوفر هذه الخدمة لكي نبقيك على اطلاع حول محتوى الملف الذي ستقوم بتحميله .
|