sql-injection

问题 I am in the process of upgrading my Rails app to 5.2.3 I am using the following code in my app. MyModel.order('LOWER(name) ASC') It raises the following deprecation warning: DEPRECATION WARNING: Dangerous query method (method whose arguments are used as raw SQL) called with non-attribute argument(s): "LOWER(name)". Non-attribute arguments will be disallowed in Rails 6.0. This method should not be called with user-provided values, such as request parameters or model attributes. Known-safe

问题 Why is EXECUTE IMMEDIATE allowed in stored procedures, if stored procedures are meant to mitigate SQL injection attacks? The accepted answer to the following question refers to them as a step against such attacks: What is a stored procedure? https://stackoverflow.com/a/459531/3163495 "Stored procedures also have a security benefit in that you can grant execute rights to a stored procedure but the user will not need to have read/write permissions on the underlying tables. This is a good first

问题 I am writing a DbAdapter in PHP. Trying to avoid sql injection attacks, for conditional selects, I need a way to check for the sanity of the SQL query that I am going to run. Given that prepared statements make the implementation very complicated, is there a quick way to check for the sanity of the sql query ( WHERE clauses in particular as is the case here) before executing in the heart of the class? For example, a helper method to return false for malicious or suspicious queries will be

问题 I am writing a DbAdapter in PHP. Trying to avoid sql injection attacks, for conditional selects, I need a way to check for the sanity of the SQL query that I am going to run. Given that prepared statements make the implementation very complicated, is there a quick way to check for the sanity of the sql query ( WHERE clauses in particular as is the case here) before executing in the heart of the class? For example, a helper method to return false for malicious or suspicious queries will be

问题 This question already has answers here : Examples of SQL Injections through addslashes()? (4 answers) Closed 5 years ago . I am using addslashes() on all the parameters receiving on page. And also applying single courts around those variables in mysql query. Here is my code: $string = addslashes($_POST['string']); $queryString = " INSERT INTO general (description) VALUES ('$string')"; $query = mysql_query($queryString); AND $queryString = "SELECT description FROM general WHERE description = '

问题 Orginal Post IBM AppScan We recently received result from IBM AppScan DAST and some of the result don't make much senses. High -- Blind SQL Injection (Time Based) Parameter: form:propertyTree:0:j_idt126 Risk(s): It is possible to view, modify or delete database entries and tables Fix: Review possible solutions for hazardous character injection 2nd case for Blind SQL Injection (Time Based) URL: https://***/javax.faces.resource/components.js.xhtml Parameter: v Risk(s): It is possible to view,

问题 I am using Node.js to create a Discord bot. Some of my code looks as follows: var info = { userid: message.author.id } connection.query("SELECT * FROM table WHERE userid = '" + message.author.id + "'", info, function(error) { if (error) throw error; }); People have said that the way I put in message.author.id is not a secure way. How can I do this? An example? 回答1: The best way to is to use prepared statements or queries (link to documentation for NPM mysql module: https://github.com/mysqljs

问题 I am using Node.js to create a Discord bot. Some of my code looks as follows: var info = { userid: message.author.id } connection.query("SELECT * FROM table WHERE userid = '" + message.author.id + "'", info, function(error) { if (error) throw error; }); People have said that the way I put in message.author.id is not a secure way. How can I do this? An example? 回答1: The best way to is to use prepared statements or queries (link to documentation for NPM mysql module: https://github.com/mysqljs

问题 I've got a good grasp on SQL injection. It's when a SQL query that is supposed to be something like SELECT FirstName, LastName FROM Customers WHERE CustomerId = @valueFromApplication Gets turned into a query like SELECT FirstName, LastName FROM Customers WHERE CustomerId = '' ; DROP DATABASE Foo -- When the user inserts a malicious value into your app, website, client, whatever.. I'm also aware that instead of just dropping the DB the attacker can try to discover the names of tables and get

问题 this is part of an assignment for my computer security class, so I'm not looking for specific answers, just some help. We were given a faulty program (in php) that controls a sql database (a bank account) and we have to find a way to create a SQL injection attack that will let us log into an account without knowing it's ID ahead of time. I'm pretty sure I know where the vulnerability is, but I can't quite seem to get my attacks to work. The code in question (it's kinda long, but the only part