test - Githubissues

mlim-scw commented 1 year ago

asdf

mlim-scw commented 1 year ago

sqli

dev-secure-code-warrior-pilot[bot] commented 1 year ago

Micro-Learning Topic: SQL injection (Detected by phrase)

Matched on "sqli"

What is this? (2min video)

This is probably one of the two most exploited vulnerabilities in web applications and has led to a number of high profile company breaches. It occurs when an application fails to sanitize or validate input before using it to dynamically construct a statement. An attacker that exploits this vulnerability will be able to gain access to the underlying database and view or modify data without permission.

Try a challenge in Secure Code Warrior

Helpful references

PHP SQL Injection Page - A detailed page on SQL injection in the online PHP manual.
OWASP SQL Injection Prevention Cheat Sheet - This article is focused on providing clear, simple, actionable guidance for preventing SQL Injection flaws in your applications.
OWASP SQL Injection - OWASP community page with comprehensive information about SQL injection, and links to various OWASP resources to help detect or prevent it.
OWASP Query Parameterization Cheat Sheet - A derivative work of the OWASP SQL Injection Prevention Cheat Sheet focused on SQL query parameterization.
Preventing SQL Injection Attacks With Python - A tutorial on crafting parameterized queries, SQL composition and safe query execution in Python.

mlim-scw commented 1 year ago

asdf

mlim-scw / angular

test #21

Micro-Learning Topic: SQL injection (Detected by phrase)

Matched on "sqli"

Try a challenge in Secure Code Warrior