1. Homepage
  2. RvR
  3. Application
  4. Attack Vectors

General Information

SQL Injection

Variants:
Direct Persistent Session 

Also Known As:
Sequel Injection

Vector Type:
Attack

Relevance:
Generic

Layer:
Application-Level

Platforms:
Any

Target Type:
Application

Affected Mechanisms:
Input Validation, Syntax Escaping, Database Access

Invented In:
25/12/1998

Added In:
11/01/2015

Quick Introduction to the Topic:


Vector Operation Method:
Malicious inputs can affect the structure of SQL queries


Direct Variant:

SQL Injection

Also Known As:
Sequel Injection

Typical Severity:
Critical

Resources:

Wiki

CWE

CAPEC

WASC

Vulnerapedia

OWASP Attacks

OWASP Testing Guide

Hakipedia

Other I

Other II

Other III

White Papers:

Paper I

Paper II

Paper II

Learn More:




Persistent Variant:

Second Order SQL Injection

Also Known As:
Stored SQL Injection

Typical Severity:
Critical

Resources:

Wiki

Other I

Other II

Other III

White Papers:

Paper I

Learn More:





Session Variant:

SQL Injection via Session Puzzling

Also Known As:
Session SQL Injection

Typical Severity:
Major

Resources:

White Papers:

Paper I

Learn More:





TECAPI ©

Join