SQL Injection is a vulnerability by which an attacker executes malicious SQL queries on the backend database by manipulating the input to the application.
Any input field like credit card number, account number, etc., which extracts data from the database by using where clause are the candidates of SQL injection. In addition, to form fields, an attacker can use hidden fields and query strings for successful exploitation.
SQL Injection is a vulnerability by which an attacker executes malicious SQL queries on the backend database by manipulating the input to the application. Any input field like credit card number, account number, etc., which extracts data from the database by using where clause are the candidates of SQL injection. In addition, to form fields, an attacker can use hidden fields and query strings for successful exploitation.
Examples of SQL injection Blind SQL Injection