Questions tagged [sql-injection]

SQL injection is a code injection technique, used to attack data-driven applications, in which malicious SQL statements are inserted into an entry field for execution (e.g. to dump the database contents to the attacker).

Filter by
Sorted by
Tagged with
-1votes
1answer
34views

I want to make SQL injection into checking login code. But it doesn't work

I'm studying SQL Injection with checking login code. But it's hard to success the attack. $check="select * from user_info where userid='$id'"; $result=$mysqli->query($check); if($result-&...
user avatar
-1votes
0answers
8views

Yii 1.1.15 - How to bind array variables in WHERE IN Condition [duplicate]

How to use variable binding in where in clause instead of imploding array and directly assign to the field name in yii relations. my functions is, public function relations() { $paymentModeIds = ...
user avatar
-2votes
0answers
28views

Second Order SQL Injection [closed]

def find_or_create_bp(bp_metadata): """ Returns a BusinessProcess, creating a new one if not found. """ bp_id = bp_metadata\['id'\] bp_name = bp_metadata\['name'\] ...
user avatar
0votes
1answer
29views

SQL sanitize python [duplicate]

What is the best way to sanitize a SQL to prevent injection when using python? I'm using mysql-connector. I have read that I should use a structure similar to: import mysql.connector connection = ...
user avatar
-6votes
0answers
30views

What does mean structure `_${}` in javascript? [duplicate]

During the learning js I have faced with this query. SELECT \* FROM test${req.query.data ? `_${req.query.data}` : ""} WHERE ... Could you explain what does mean ${req.query.data ? `_${req....
user avatar
-4votes
0answers
33views

Using PDO or MySQLi in 2022 to help preventing SQL Injections into MySQL via PHP? [closed]

I've read a lot about SQL Injections via PHP and I've read a lot of threads here like: How can I prevent SQL injection in PHP? Main thing was to use the charset of the connection and the tables with ...
user avatar
  • 233
-3votes
1answer
40views

What does ${data} mean in SQL? [closed]

I am trying to find out what ${data} means in this query and is this query vulnerable to SQL injection? SELECT * FROM test WHERE ${data};
user avatar
0votes
1answer
23views

SQL injection attack simulation does not work properly

I saw in a tutorial that in order to simulate a SQL injection attack instance in JDBC, it writes the following statement in SQLite with double quotes and then records are loaded. But when I write the ...
user avatar
  • 35
0votes
0answers
29views

INSERT Statement in XPATH SQL Injection

I was trying to hack my database and used a method known as error based SQL Injection using extractvalue functions. I was successful in getting the database tables and columns using the below payload: ...
user avatar
0votes
1answer
25views

Constructing SQL Server query from parts in python SQLAlchemy

Python = 3.10.2 SQLalchemy = 1.4.32 pyodbc = 4.0.32 Is it possible to construct sql query from parts and not risk SQL injection? This is what I tried This function is part of a wrapper class which ...
user avatar
  • 283
0votes
0answers
8views

django debug toolbar unit testing version change

I'm updating a legacy Django (version 2.2.27) running on Python 3.7.7 to use an upgraded version of django-debug-toolbar (version 2.2.1) because of a Dependabot alert. The alert was about possible SQL ...
user avatar
  • 1,419
-4votes
0answers
25views

Does the ORM OR Query builder of Laravel have the ability to Stop SQL Injection Attacks? [duplicate]

Does the ORM OR Query builder of Laravel have the ability to Stop SQL Injection Attacks?
user avatar
0votes
0answers
23views

SQLi - how update

I am learning cybersecurity and I have such a task regarding securing websites. I have a password change screen that has a SQL injection vulnerability. The template to be changed looks as standard: ...
user avatar
-3votes
0answers
22views

is my code vulnerable to an SQL-Injection [duplicate]

So i have this python function that gets all messages containing query given as argument and i want to check if my function is vulnerable to an SQL-Injection? As far as i know giving "OR 1 = 1'; ...
user avatar
  • 13
-2votes
1answer
53views

SQL multiple column equality

This is not a real production code! this was presented in a Google CTF to find and learn about application vulnerabilities and how to protect from them I'm trying to understand a weird SQL syntax I've ...
user avatar
  • 47
1vote
1answer
27views

Using 'where..in' inside store procedure with prepared statements (Safe Way)

Im trying to secure my store procedure to avoid SQL Injection attacks using prepared statements. with the guide that mentioned here : "https://dev.mysql.com/doc/refman/8.0/en/sql-prepared-...
user avatar
  • 1,618
-2votes
0answers
19views

Is this method good for XSS protection or SQL Injection

$untrusted_data = $_POST['data']; $safe_data = preg_replace('/[^a-zA-Z0-9@.#$]/s','',htmlspecialchars(stripslashes(trim(htmlentities($input))))); Is this method good?
user avatar
-4votes
0answers
41views

Strange SQL attack on MySQL server [duplicate]

recently we had an attack on our login form. The attacker used some strange string that looks a bit like SQL injection, but I think it is a different type of attack. Can you tell me what that is and ...
user avatar
1vote
0answers
27views

How to update two values in 100 existing rows in mysql with php most efficiently? [duplicate]

I have a table items with id as primary key, and two more fields activatedby and active. CREATE TABLE `items`. ( `id` BIGINT NOT NULL AUTO_INCREMENT , `active` BOOLEAN NOT NULL DEFAULT FALSE , `...
user avatar
0votes
1answer
42views

Mysql INSERT INTO SET ? syntax

await query(`INSERT INTO feedback.app_v2 SET ?`, feedback) I wrote this line to code into my JS project to insert data in the concerning table. I want to ask if this MySql syntax is safe from Sql ...
user avatar
0votes
0answers
23views

SQL Injection for PHP INSERT statement [duplicate]

I currently have this. $stmt = $connection->prepare("INSERT INTO user VALUES(:email, :dob, :username, :password)"); $stmt->bindValue(':email', $email_address); $stmt->bindValue(':...
user avatar
0votes
0answers
15views

How can the attacker exploit the blind SQL inject vulnerability apart from sleeping the server? [duplicate]

In one of my projects I discovered a blind-sql-injection vulnerability, that goes like this: the url index.php/company/lang/action can be injected with some extra sql like this index.php/company'%...
user avatar
0votes
1answer
30views

syntax to guard against SQL-injection of named identifiers

I'm reading the psycopg2 documentation & wondering how to parametrize SQL identifiers of tables with a name? Here is an example: import psycopg2 conn = psycopg2.connect() cursor = conn.cursor() ...
user avatar
  • 267
1vote
1answer
60views

What SQL injections can bypass this authentication page?

I am working on building a login page to demonstrate SQL injections. I've tried my best to build the most "simple" login. I've been using credentials such as 1' or '1' = '1 for username &...
user avatar
0votes
0answers
22views

SQL cleaning function in python

So I have a message field on a form and I want to save the message into a database column named help_desk_message. I know that Django already tries to handle sql injection for you but I want to do a ...
user avatar
1vote
1answer
18views

Second Subquery Inside INSERT Into saves int 0

Read it carefully, we have this query which is inserting values in the table called users. For the value member_id we are running a subquery to select from the table admin_users the id of the member. ...
user avatar
0votes
0answers
11views

1064 error: You have an error in your SQL syntax; [duplicate]

I'm trying to exploit a sql injection. the target has a comment field, which it is used to INSERT data to a MySQL table. I receive this error, when I fill the field by a comma ': Query: INSERT INTO ...
user avatar
  • 1
0votes
1answer
44views

How to stop SQL injection in Django column of a model

So I know that Django naturally handles sql injections for columns in tables but my team want to do more. We have a help_message table in Django and there is a column in that table called Message ...
user avatar
0votes
1answer
69views

Understanding why UNION is used in this SQL injection example

I'm trying to understand more about SQL injection, so I found this lesson from Red Tiger Labs. According to the solution, the cat=1 part of the URL is vulnerable to SQL injection. I can understand ...
user avatar
  • 48.7k
0votes
1answer
41views

How to protect correctly GUI application from SQL injection

I am developing a GUI application (pyQt) where the user will add data that I want to store in a local database (sqlite). I am a beginner in this field, and even if the application is not connected or ...
user avatar
-2votes
1answer
45views

Check if there is SQL injection in a string without access to the database (no parameters)

I have a task to check and prove if there is a way to prevent SQL Injection without access to the database first - So no parameterized statements. This basically means: Is there a way to parse SQL ...
user avatar
1vote
2answers
55views

How can I extend an SQL query in a variable?

I am testing possible SQL injections on my DB, and I am running a simple function to get results which a user should not be getting. The return value is correct based on id, however, the rest of the ...
user avatar
  • 451
0votes
1answer
78views

Why is PyMySQL not vulnerable to SQL injection attacks?

I am new to PyMySQL and just tried to execute a query: c.execute('''INSERT INTO mysql_test1 ( data, duration, ...
user avatar
0votes
1answer
43views

To prevent SQL-injection in user-defined formulae, is character whitelisting enough?

In my SaaS app, I want to give customers user-defined arithmetic expression formulae, with plus minus multiple and divide, and if else For example, the customer might enter a formula like CASE WHEN ...
user avatar
  • 1,309
0votes
0answers
17views

Python : Safe way to insert multiple values to psql table

So to insert multiple values to my psql table I use the following code: sql_query = "INSERT INTO %s(%s) VALUES(%%s,%%s,%%s)" % (table_name, my_columns) cursor = connection.cursor() cursor....
user avatar
  • 110
0votes
0answers
26views

PHP PDO Prevent SQL Injection for MS SQL Server [duplicate]

I see so many different people saying to do different things. Is what I have enough for preventing SQL Injection into an MS SQL database? (not My SQL) <?php $id = $_POST['id']; $pdo = ...
user avatar
-1votes
2answers
59views

Should I care about sql injection after user has been authenticated?

Does make sense to check on malicious SQL input from an authenticated user?
user avatar
  • 1
0votes
0answers
13views

Can I avoid sql injection in sqlite fts replacing quotes? [duplicate]

Here is my sql in cpp: boost::format("select Rowid from Name where Idx match '%s'") % key Is it safe to prevent injection by filtering quotation marks? exmaple: key : "ab'c" -> ...
user avatar
  • 1
1vote
0answers
39views

Does such methodology lead to SQL injection? [duplicate]

I have created a function to search a table using a dictionary (attribute-value pair). I would like to know if designing methods like that would lead to SQL Injection? If so how to properly sanitize ...
user avatar
1vote
1answer
75views

MySQL parameterized query is functioning like it is not parameterized in C# application

I keep getting this error: MySql.Data.MySqlClient.MySqlException: 'You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ...
user avatar
  • 156
0votes
1answer
51views

Couldn't figure out how the payload worked

I was solving one of TryHackMe's rooms about SQL injection.But I couldn't figured out one thing that came to my mind and after spending lots of time I thought it's best to ask that question here. In ...
user avatar
1vote
1answer
158views

Is values passed to WooCommerce update_meta_data method fully sanitizing?

I'm writing a WordPress plugin in which there is an input form for users with which they can add notes. I'm using WooCommerce update_meta_data method to save notes in database. Considering this code: $...
user avatar
  • 408
0votes
1answer
127views

SQL injection prevent with python [duplicate]

Hey i read all the guides there is with python and yet i couldnt find a solution for the next Query: select * from known_table_name where id in (list) list is a variable that holds = "1,2,3,56,7,...
user avatar
1vote
1answer
88views

Sonarqube warned sql injection on the input-driven column name in my hibernate sql

My java (Hibernate, MySql) code takes the input data to decide which column I want to update as below: String hsql = "update People set " + inputColumnName + " = null"; Query query ...
user avatar
  • 1,261
0votes
1answer
99views

Incorrect password in SQL injection

I Found a SQL Injection in the Username field with SQL query 1'or'1'='1'-- - and I have provided those in pictures If I type the same query in the password it shows an incorrect password what would be ...
user avatar
0votes
1answer
27views

Is the following code snippet vulnerable to SQL injection in Rails 5?

Is the following code snippet vulnerable to SQL injection in Rails 5 if the order parameter is not sanitized? I've tried testing it using the example provided in https://rails-sqli.org/rails5 but an ...
user avatar
  • 127
0votes
0answers
59views

Sanitizing SQL input in Django for PostgreSQL

I know that there are tools how to prevent sql injection especially with psycopg2 and how to work with them, but i have an other use case. The query should not be directly executed in PostgreSQL, but ...
user avatar
0votes
1answer
207views

Cannot make the OWASP.ESAPI library to start up. Configuration issue?

I need to set up this lib to encode the SQL queries. In my Spring Boot app (11th Java) I added to POM.xml the following dependency: <dependency> <groupId>org.owasp.esapi</groupId>...
user avatar
-3votes
1answer
58views

Is this SQL construction prone to SQL Injection? [closed]

Note: any SQL backend is fine for examples (Oracle, SQL Server, MySQL, Postgres), though for my examples I'm using MySQL to test. I was wondering if the following construction is prone to SQL ...
user avatar
  • 99.5k

15 30 50 per page
1
2 3 4 5
73