๐ŸŽ New User? Get 20% off your first purchase with code NEWUSER20 ยท โšก Instant download ยท ๐Ÿ”’ Secure checkout Register Now โ†’
Menu

Categories

Security Beginner

What is SQL Injection?

An attack where malicious SQL code is inserted into application queries through user input to access or manipulate the database.

SQL injection occurs when user input is directly concatenated into SQL queries without sanitization. An attacker might enter ' OR 1=1 -- as a username, bypassing authentication or extracting data.

Prevention methods include parameterized queries (prepared statements), input validation, least-privilege database accounts, and ORM usage. SQL injection remains one of the OWASP Top 10 vulnerabilities and can lead to complete database compromise.

Related Terms

CORS (Cross-Origin Resource Sharing)
A browser security mechanism that controls which web domains can access resources from another domain via HTTP requests.
OWASP Top 10
A regularly updated list of the ten most critical web application security risks, published by the Open Web Application Security Project.
Certificate Pinning
A security technique that associates a host with its expected TLS certificate or public key, preventing man-in-the-middle attacks with fraudulent certificates.
Firewall Rules
Configuration entries that define which network traffic is allowed or blocked based on source, destination, port, and protocol.
Two-Factor Authentication (2FA)
A security method requiring two different forms of identification before granting access to an account.
Vulnerability Scanning
Automated testing that identifies known security weaknesses in systems, applications, and network infrastructure.
View All Security Terms โ†’