Open ivyhan-se opened 2 years ago
This is probably one of the two most exploited vulnerabilities in web applications and has led to a number of high profile company breaches. It occurs when an application fails to sanitize or validate input before using it to dynamically construct a statement. An attacker that exploits this vulnerability will be able to gain access to the underlying database and view or modify data without permission.
CWE 494
The product downloads source code or an executable from a remote location and executes the code without sufficiently verifying the origin and integrity of the code.
sql injection