A must-read for web developers: SQL Injection by example

I always thought I had a good grasp on what SQL Injection is all about until I read this article about these guys who use SQL injection to compromise a corporate intranet. I have to admit guilt when it comes to using basic field names like ‘email’, ‘fullname’, and ‘address’, and these guys make full use of information like that. Scary stuff that every developer should know about.

One Response to “A must-read for web developers: SQL Injection by example”

  1. My Portal Project » Blog Archive » Lesson Learned: Better Web Application Security Says:

    […] A while back I posted a link to a site that explained SQL injection with a real-life example. Although I always thought I understood application security, I never seem to go a month without learning something new, and our recent go-live with two web applications kept that record going. […]