SQL Injection Attack

Put simply, an SQL injection attack is an attempt to pass malicious code or other data to an underlying SQL RDBMS. Typically this is facilitated through code that blindly places user-input into SQL statements.

• Database functions

• See Web Application Security and security attacks catalog.
• Blind SQL Injection (PDF)
• SQL Injection
• PHP Security: Database Security
• MySQL Injection (french)