
Neel explains what SQL injection means
In this week’s edition of JUMPSEC’s Jargon Buster series, Neel Rana explains what SQL injection is, and next week William Hall will follow up with Blind SQL injection.
Video transcript:
“SQL injection is a vulnerability that can affect database-driven applications. For example, in the case of a dropdown box in a web application, choosing an option will send a request to the database to return the given information. If the request is not limited to a pre-defined list of database queries, it may be possible to ask the database to return all or some of its contents, thus bypassing any encryption and other controls.”
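
The dropdown scenario from the transcript, as an added example that is not part of the video or JUMPSEC's own code: a lookup that pastes the submitted value into the SQL text, beside a version that restricts it to the pre-defined options and binds it as a parameter. The table, the sample rows and the function names are constructed for illustration.

```python
import sqlite3

# Constructed sample data: the dropdown is meant to offer only these two options.
DROPDOWN_OPTIONS = ("books", "games")

def make_db():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE products (name TEXT, category TEXT)")
    db.executemany(
        "INSERT INTO products VALUES (?, ?)",
        [("Atlas", "books"), ("Chess set", "games"), ("Unreleased item", "internal")],
    )
    return db

def lookup_vulnerable(db, category):
    # The submitted value becomes part of the SQL text, so it can change
    # the structure of the query instead of only supplying a value.
    query = "SELECT name FROM products WHERE category = '" + category + "'"
    return sorted(row[0] for row in db.execute(query))

def lookup_hardened(db, category):
    # 1) Accept only values the dropdown actually offers.
    if category not in DROPDOWN_OPTIONS:
        raise ValueError("category is not in the pre-defined list")
    # 2) Bind the value as a parameter so it is always treated as data.
    query = "SELECT name FROM products WHERE category = ?"
    return sorted(row[0] for row in db.execute(query, (category,)))

if __name__ == "__main__":
    db = make_db()
    # Constructed value a client could submit in place of a dropdown option.
    tampered = "books' OR '1'='1"
    print("vulnerable, normal  :", lookup_vulnerable(db, "books"))
    print("vulnerable, tampered:", lookup_vulnerable(db, tampered))
    print("hardened, normal    :", lookup_hardened(db, "books"))
    try:
        lookup_hardened(db, tampered)
    except ValueError as exc:
        print("hardened, tampered  : rejected,", exc)
```

The browser only suggests the dropdown values; the server has to enforce the list itself, because the request can carry any string.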