🎩SQL Injection

This is one of the most popular technique to attack Backend system. This technique you can inject the sql script in ti the code.

Example

Drawing

How to Protect

Input validation for request
Use ORM the library will handle this protection
Use Prepare statment for sql raw query -> select * from username where username = $1

this strategy will create sql statement by library and validate the argument

PreviousRouting Policies NextCross site script (XSS)

Last updated 6 months ago