Questions tagged [sql-injection]

SQL injection is a code injection technique, used to attack data-driven applications, in which malicious SQL statements are inserted into an entry field for execution (e.g. to dump the database contents to the attacker).

646 questions with no upvoted or accepted answers

7 votes, 0 answers, 732 views

QSqlTableModel::setFilter and Sql Injection

I was wondering if there is a way to prevent SQL injection while using QSqlTableModel::setFilter with no validation for the WHERE clause condition. I don't want to use QSqlQueryModel since I need edit ...

6 votes, 1 answer, 2k views

Is using org.postgresql.core.Utils.escapeLiteral enough to prevent SQL Injections?

I need to sanitize some user-entered data before building SQL queries and updates to submit to my DB. I know that it is preferable to use prepared statements, but this is not an option. ...

4 votes, 0 answers, 168 views

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

I have used the following method to call stored procedures from my application and it is working perfectly. The main issue is that when I run Veracode on my application, it gives me the following error on ...

4 votes, 0 answers, 183 views

SQL injection for raw query in Room migration class

The OWASP tool gives a warning of SQL injection while writing a raw SQL query in a Room migration. Is there any solution to overcome this problem? Below is my code: class Migration1to2 : Migration(1, 2) { ...

4 votes, 0 answers, 638 views

How to scan a particular URL or page alone in OWASP ZAP

I have installed OWASP ZAP 2.8.0 and scanned our site fully. In the result we got some SQL injection URLs or pages. So we have fixed those SQL injection issues in development which are mentioned by the OWASP tool. ...

4 votes, 1 answer, 169 views

Can the multiplication operator cause SQL injection?

I am using Acunetix to perform part of a security audit on an incoming website. The application is mainly developed with PHP and MySQL. All user input is escaped, but some input (URL parameters ...

3 votes, 1 answer, 99 views

How can I know if my SQL query is not exposed to SQL injection

I have an original SQL query: f"SELECT FIELDS(ALL) from xxxx WHERE CreatedDate >= {start_time}" I wanted to make that query safe from SQL injection attacks but I could not see how I can ...

3 votes, 1 answer, 386 views

IBM AppScan - Blind SQL Injection (Time Based) - JSF 2.2 & Primefaces - JBOSS 7.2 EAP

Original Post IBM AppScan We recently received results from IBM AppScan DAST and some of the results don't make much sense. High -- Blind SQL Injection (Time Based) Parameter: form:propertyTree:0:...

3 votes, 1 answer, 200 views

SQL Server database injection

I have a simple web application in ASP with a SQL Server back-end database. The login page has an injection point and I am able to bypass the login by the usual ` ' OR 1=1 '. Now I was able to ...

3 votes, 3 answers, 177 views

c# - Parametrized Query

I am working on a .NET website which uses a DB2 database with Insert/Update and Select queries. I researched SQL injection and I believe I've parametrized my query to avoid SQL injection. ...

3 votes, 0 answers, 203 views

Are JPA's persist and merge vulnerable to sql injection?

For example, if I have code like what is featured below to add a new user, is it vulnerable to SQL injection? The user object has been created from user input (i.e. name, email, password). I've used ...

3 votes, 0 answers, 349 views

Symfony Doctrine had an SQL injection failure?

I made a little project in Symfony 3 and ran detectify.com over it. As Detectify says, I have a "Blind SQL Injection in MySQL" risk. I have Postgres, but never mind. My keys in the table escalated ...

3 votes, 1 answer, 852 views

Rails 4.2 - How to properly use Rails sanitize to protect against cross-site scripting vulnerabilities

I am on Rails 4.2.1 (Ruby 2.2.1p85) and I want to sanitize user input and also have that text cleared out of the POST/GET params. I don't want to solely depend on native Rails 4 auto-escaping. Being ...

3 votes, 0 answers, 64 views

How does data.stackexchange.com allow queries securely?

https://data.stackexchange.com/ lets me query some (all?) of Stack Exchange's data/tables using arbitrary SQL queries, including parametrization. What program do they use to do this and is it ...

3 votes, 1 answer, 422 views

Hibernate SQL Injection

I'm auditing a project and I found a way to inject data into a query. The project uses Hibernate, and for this piece of code Session.createSqlQuery() and then a .list(). The SQL is something like: "...

3 votes, 0 answers, 1k views

Typecasting numeric ID to integer to prevent SQL injection

I'm implementing a bulk delete feature. The application uses PDO, but I haven't figured out a nice way to use prepared statements for this. I have an array of IDs of rows to delete, of any length: ...

3 votes, 0 answers, 1k views

Defense Against SQL Injection In Oracle When Bind Variables Cannot Be Used

In situations where we cannot use bind variables, such as when our dynamic queries have to execute DDL statements, is the following list of defenses enough? Never use anonymous blocks in dynamic ...

3 votes, 1 answer, 4k views

Injection Attacks against .NET DataView RowFilter

So I'm writing a handler that filters a cached DataTable based on the AppRelativeCurrentExecutionFilePath using the DataView RowFilter property. What's the best way to encode the input to prevent an ...

2 votes, 0 answers, 94 views

Prepared Statement with AWS Athena in Java

I am new to AWS Athena. I just started using Athena. I have integrated Athena in Java. I used string concatenation for building the Athena query. There might be chances of SQL ...

2 votes, 0 answers, 122 views

Is there any way to execute multiple sql commands inside dbms_xmlquery.getxml or DBMS_XMLGEN.getXML(..) or other PL/SQL xml functions?

I found an article with an example of executing dynamic PL/SQL code inside the dbms_xmlquery.getxml(..) function. This article is https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/SQL%...

2 votes, 1 answer, 156 views

How to track down an invalid utf8 character string

Running a search in phpMyAdmin for an IP address to unblock from a WordPress plugin, I get this on one of the tables: Warning: #1300 Invalid utf8 character string: '\x8B\x08\x00\x00\x00\x00\x00\x00\...

2 votes, 0 answers, 660 views

Why does Veracode report CWE-89?

I have this SQL query written in JDBC which contains dynamic table and field names: private String checkDimension(String tenantId, String prefix, Long schemaMetaId, Long transactionalMetaId, ...

2 votes, 1 answer, 173 views

Is this an SQL injection?

In the Apache access logs I found the following code as a query string (GET), submitted multiple times each second for quite a while from one IP: **/OR/**/ASCII(SUBSTRING((SELECT/**/COALESCE(CAST(LENGTH(...

2 votes, 0 answers, 161 views

Protecting from CSRF in Amplify with SQL data source

I'm setting up a small app using AWS Amplify. Due to the queries I needed to perform, I needed to use a SQL database. I've therefore made an Aurora database and connected it to my Amplify GraphQL ...

2 votes, 0 answers, 1k views

Attempted php hack/inject in search AND user-agent: "print(238947899389478923-34567343546345)"

Viewing my latest search queries I stumbled upon the query below. d3d3lmfrdglllxnryxquzgsv"{${pr.i.nt(238947899389478923-34567343546345)}}" Please note: I've inserted the dots in print just to make ...

2 votes, 1 answer, 73 views

Will limiting OR conditions in your SQL fix an SQL injection vulnerability?

Our website was reported as vulnerable to SQL injection, and the developer who fixed this vulnerability said that they had to limit the OR clauses in the search criteria. Previously users ...

2 votes, 1 answer, 202 views

How to prevent SQL injection while executing a MySQL statement through shell?

I have this code: printf '%s' 'Enter deployment request ID: ' read request_id [[ $request_id ]] || { printf '%s' 'Request ID is required' >&2; exit 2; } ... mysql -h "$db_host" -u app_user --...

2 votes, 0 answers, 2k views

SQL binding mechanisms should be used

I have code as follows: final String query = "SELECT id FROM " + getSimpleName() + " WHERE " + relationName + ".id = :successor"; final Query queryConcerned = this.entityManager.createQuery(...

2 votes, 0 answers, 4k views

SQL injection with no spaces

I'm trying to exploit an SQL injection on a website (in the name of Science, of course). After some tests I found how the back-end works. The SQL query is formed like this: $query = 'SELECT * FROM ...

2 votes, 1 answer, 1k views

Using prepared statements in Qt

I want to insert the data of a (custom) class "Table" into my database - the data is retrieved from internal files, but for the sake of security, I'd like to assume the sources are untrusted. ...

2 votes, 2 answers, 2k views

How to simulate SQL injection in Node.js mysql

I am using Node.js with mysql for working with a SQL database. For a school example I want to simulate SQL injection. I wrote code with a possible SQL injection: const mysql = require('mysql') const ...

2 votes, 0 answers, 229 views

NopCommerce attempted SQL injection?

I tried to post this on the NopCommerce boards, but it blocked me. So, I'm guessing this might be dangerous? Anyway, here is my attempted post: I've had a number of searches in my store recently ...

2 votes, 0 answers, 1k views

Node.js / JavaScript equivalent for mysql_real_escape_string()

I need to make a JavaScript string which is passed into Node.js friendly for MSSQL. This question: Making a JavaScript string SQL friendly has a great answer that explains how to escape strings for ...

2 votes, 2 answers, 752 views

False positives for SQL injection from find-sec-bugs

We're using find-sec-bugs with FindBugs to find potential problems in our code. We are using Spring JDBCTemplate for our DB access, and find-sec-bugs seems to think we have SQL injection vulnerabilities ...

2 votes, 1 answer, 816 views

PHP PDO Security Procedures for Simple Inserting into MySQL

I'm just starting to learn PHP (alongside SQL) and I've looked a lot into security measures. This website: https://www.owasp.org/index.php/PHP_Security_Cheat_Sheet has helped me, although most of it ...

2 votes, 1 answer, 31 views

Prepared statements for data out of a database

When users first make an account on my website, they enter their username and password; these are both put through a prepared statement to prevent SQL injection. But later down the line I will grab ...

2 votes, 1 answer, 198 views

MySQL: Is this safe enough to not use prepared statements?

I know you should always use prepared statements..., and that's what I do. But! They are slower, and if there is some input that's 100% safe I guess I could not use them. (PHP) if ( ctype_digit($...

2 votes, 0 answers, 64 views

Is there any way in sqlmap (SQL injection testing tool) to fetch database tables without running the complete test?

Is there any way in sqlmap (SQL injection testing tool) to fetch database tables without running the complete test? When I test a URL it takes a long time to complete the whole test and retrieve ...

2 votes, 1 answer, 3k views

HP Fortify issue: showing cross-site scripting poor validation in PHP

I am sending data to the client side in JSON format using the rawurlencode method. It is showing cross-site scripting poor validation in the rawurlencode method in HP Fortify. How do I remove this issue? Any ...

2 votes, 1 answer, 596 views

Major performance degradation with named parameters and preventing SQL injection using Hibernate with native SQL

I'm using Hibernate 3.6.4.Final and SQL Server 2008 R2 and have a query on a table with more than 20 million records. The Criteria API unfortunately generates sub-optimal queries when paging (select ...

2 votes, 0 answers, 92 views

Is my code hackable or secure enough?

I wonder if my app is injectable in the front-end form, URL or in any other way. Frontend: <form id="form1" runat="server"> <asp:HyperLink ID="HyperLinkBack" runat="server" NavigateUrl=...

2 votes, 2 answers, 82 views

Rails: Search for substring without getting SQL Injected

I'm trying to implement autocomplete for Rails. I have something like the following in my code: Location.where("name like ?", "%#{params[:location]}%") I'm afraid this would lead to SQL injection. ...

2 votes, 1 answer, 630 views

Detect SQL injection in Groovy dynamic SQL

How can you detect an SQL injection vulnerability in a Grails app with dynamic native SQL? What I'm looking for is something that can tell the difference between this def sql = new Sql(dataSource) def ...

2 votes, 0 answers, 122 views

Brainstorm! cfqueryparam-strength validation w/o the tag

Background: A colleague of mine developed a bunch of ColdFusion applications built on a common home-grown framework. There are ~100 applications each with their own databases. Problem: I think it's ...

2 votes, 0 answers, 321 views

Is SqlBulkCopy vulnerable to SQL Injection?

I haven't been able to find a reasonable answer for this... It would seem that SqlBulkCopy is not vulnerable to injection because the columns are matched through inner parameters of the SqlBulkCopy and ...

2 votes, 0 answers, 821 views

Prevent this code (DataTables PHP server-side) from SQL injection

I'm using jQuery DataTables with a PHP server-side script which fetches data from MySQL. I took the PHP script example from the DataTables site and changed it a bit in order to change it from the old mysql to ...

2 votes, 1 answer, 1k views

How to prevent injection attacks in a CREATE query in Python MySQL

I know the proper way to avoid injection attacks in SELECT or INSERT queries using the Python module MySQLdb is: cursor.execute("SELECT spam, eggs, sausage FROM breakfast WHERE price < %s", (max_price,)...

2 votes, 0 answers, 897 views

Allow all special characters and prevent SQL injection / XSS

I am using ASP.NET MVC 3 with EF 4.1 with SQL Azure. I have both LINQ expressions as well as stored procedures. Now, I need to allow all the special characters like "';&<>/ etc. to be ...

2 votes, 2 answers, 1k views

php login from cookie - some SQL injection prevention example

I've written a simple PHP application (MyApp) that allows users to log into their Evernote account using Evernote's SDK for PHP. However, in my application, I want to do this: User approves Evernote ...

2 votes, 1 answer, 361 views

Query parameterized but '[' not giving search results. VB.NET Framework 4. Entity to ESQL

The following are company names in my database. I am trying to produce on-the-fly string queries that are foolproof against SQL injection. I tested the safety tolerance level of parameterized queries ...