Resource
Article [7215]
General
[1038]
Acceptance
[63]
Ad Hoc
[28]
Agile, Scrum
[233]
Black Box
[117]
Bug, Defect
[258]
DB, Test Data
[275]
Environment
[43]
Functional
[115]
Glossary, Term
[74]
GUI, Usability
[98]
Integrate test
[47]
Interview, FAQ
[288]
Manual Testing
[117]
Methodology
[232]
Metrics
[332]
Mobile, Embed
[154]
Performance
[327]
Process
[194]
Requirement
[124]
Review, Static
[102]
Risk
[99]
Security Test
[215]
Standard, ISO
[179]
Test Automate
[349]
Test Case
[342]
Test Design
[70]
Test Plan
[314]
Test Manage
[228]
Test Script
[56]
Test Technique
[265]
Tool
[176]
Tool- Jmeter
[41]
Tool- Selenium
[127]
Unit Test
[167]
Web Test
[258]
White Box
[70]
Ebook [1168]
General
[281]
Acceptance
[3]
Agile, Scrum
[24]
DB Test
[76]
Development
[137]
GUI, Usability
[17]
Interview, FAQ
[9]
Java Test
[68]
Metrics
[17]
Mobile, Embed
[14]
Performance
[49]
Process
[11]
Requirement
[55]
Review, Analysis
[8]
Risk
[7]
Security Test
[71]
Standard
[20]
Test Manage
[86]
Test Automate
[84]
Tool
[8]
Unit Test
[67]
Web Test
[60]
Testing Tool [2277]
Acceptance
[25]
Agile, Scrum
[42]
Bug Tracking
[127]
Build, Release
[27]
Environment
[58]
DB, Test Data
[83]
Functional
[240]
GUI, Usability
[79]
Java Test
[71]
Metrics
[57]
Mobile, Embed
[79]
Network Test
[67]
Performance
[222]
Requirement
[62]
Review, Static
[105]
Security Test
[111]
Test Design
[52]
Test Manage
[208]
Unit, Debug
[224]
Utility, Capture
[97]
Web Testing
[235]
Video [622]
News [2773]
Webinar [914]
Certification Resource
CTAL [271]
CTEL [35]
CSTE, CSQA [198]
CSQE [41]
CMMI, TMMI [135]
PMP [115]
ITIL [67]
Six Sigma [41]
Other [83]
Forum
Forum [1943]
Book
[56]
Certification
[48]
Conference
[64]
ISTQB
[159]
QTP
[93]
Software Test
[1066]
Standard, ISO
[89]
Testing Tool
[289]
![[Level:4]](http://www.vietnamesetestingboard.org/zbxe/modules/point/icons/default/4.gif "Point:700point (81%), Level:4/30"){kind=icon}
saurava
2010.10.07 22:04:00
1733
Introduction
SQL injection is one of type of web hacking that require any web based application which
is connected to a back-end database, and it might just work even if the admin is patchhappy.
It attacks on the web application (like ASP, JSP, PHP, CGI, etc) itself rather than on
the web server or services running in the OS.
What is SQL Injection?
It is a trick to inject SQL query/command as an input possibly via webpages. Many web
pages take parameters from web user, and make SQL query to the database. Take for
instance when a user login, web page that user name and password and make SQL query
to the database to check if a user has valid name and password. With SQL Injection, it is
possible for us to send crafted user name and/or password field that will change the SQL
query and thus grant us something else.
![[Level:0]](http://www.vietnamesetestingboard.org/zbxe/modules/point/icons/default/0.gif "Point:10point (33%), Level:0/30"){kind=icon}
Service
New
Popular Documents
Monthly
Yearly
Popular Download
Weekly
Monthly
Twitter
tag
testing
Software
Selenium
Questions
PM
Plan
Test Automation
ISTQB
mobile testing
QA
framework
mobile application testing
QTP
web
software testing company
Metrics
Exam
Test
mobile
Quality
web testing
tool
Automation
Sample Exam
Bug
conference
Software Testing
Manual
Interview
tester
security testing
software qa service
performance
Certification
checklist
Management
Test management
Development
Sql
Template
Performance Testing
Guide
test plan
outsourcing software testing
agile testing
HP
process
security
Unit Testing
agile
Test Case
Visitor
Member Login (IP)
277933
29847
209825778
Yesterday
Today
Total
thanks for sharing