SQLi: How it Works, Part 1

In this 6-part series on SQLi (SQL Injection) we shall be describing the vulnerability and its variants, showing how it works and what an attacker can do with it. SQL injection (SQLi) refers to an injection attack wherein an attacker can execute malicious SQL statements (also commonly referred to as a malicious payload) that control a web application’s database server (also commonly referred to as a Relational Database Management System – RDBMS).

Read full news article on Dzone