International Journal of Science and Research (IJSR)

International Journal of Science and Research (IJSR)
Call for Papers | Fully Refereed | Open Access | Double Blind Peer Reviewed

ISSN: 2319-7064


Downloads: 116 | Views: 326

Research Paper | Computer Science & Engineering | India | Volume 4 Issue 4, April 2015 | Popularity: 6.8 / 10


     

Web Filtering with SQL Injection

Yogesh Ghuse, Chetan Harshe, Pratibha S. Ghode


Abstract: As more businesses and organizations provide online services, the number of web sites or applications which are linked to a database has increased greatly. Often the data held in such databases is confidential or private and possibly of great interest to a hacker, disgruntled employee, or criminal group. While the database and the server holding it may have been secured, the design of the web interface is often overlooked and could allow unauthorized users access to the database. SQL injection, the use of database commands in the SQL language where user input is expected, remains a top threat. It was the 3rd listed error in the January 2009 CWE/SANS Top 25 Most Dangerous Programming Errors [a] and has been the mechanism for a number of prevalent attacks. For example, through most of 2008 there were ongoing, indiscriminate and widespread attacks on vulnerable web sites, which added a link to a malicious file (usually JavaScript) that most web site visitors would unintentionally run on loading the page. This then caused the visitors computer to be infected with malware. Even well-known and widely trusted web sites were affected by this problem. This document will illustrate some of the main techniques used in SQL injection, then describe methods that can reduce the effectiveness of such attacks. In addition to usual standard IT best practice, such as logging and regular and prompt patching, the majority of SQL injection vulnerabilities can be moderated through careful and robust programming. It is hoped that the information provided here will highlight the seriousness of leaving this type of flaw unaddressed and promote the improved design of database-linked Internet resources.


Keywords: Web Application, SQLIA, Detection, Prevention, Vulnerabilities


Edition: Volume 4 Issue 4, April 2015


Pages: 347 - 351



Make Sure to Disable the Pop-Up Blocker of Web Browser

Text copied to Clipboard!
Yogesh Ghuse, Chetan Harshe, Pratibha S. Ghode, "Web Filtering with SQL Injection", International Journal of Science and Research (IJSR), Volume 4 Issue 4, April 2015, pp. 347-351, https://www.ijsr.net/getabstract.php?paperid=SUB152936, DOI: https://www.doi.org/10.21275/SUB152936

Similar Articles

Downloads: 5 | Weekly Hits: ⮙4 | Monthly Hits: ⮙4

Analysis Study Research Paper, Computer Science & Engineering, India, Volume 13 Issue 1, January 2024

Pages: 516 - 519

I-Vote Android Application for Internet-Voting

Rahul Kumar, Hima Saxena, Dr. Suman Sharma

Share this Article

Downloads: 137 | Weekly Hits: ⮙2 | Monthly Hits: ⮙3

Research Paper, Computer Science & Engineering, India, Volume 4 Issue 2, February 2015

Pages: 2246 - 2249

Packet Analysis with Network Intrusion Detection System

Rashmi Hebbar, Mohan K

Share this Article

Downloads: 0

Student Project, Computer Science & Engineering, India, Volume 11 Issue 1, January 2022

Pages: 455 - 459

Real World IoT Applications in Daily Domain

Eega Vivek Reddy, J Bala Krishna, Huzaifa Saad

Share this Article

Downloads: 0

Student Project, Computer Science & Engineering, India, Volume 11 Issue 6, June 2022

Pages: 1875 - 1880

Microclustering with Outlier Detection for DADC

Aswathy Priya M.

Share this Article

Downloads: 0

Survey Paper, Computer Science & Engineering, India, Volume 11 Issue 7, July 2022

Pages: 1023 - 1029

A Survey and High-Level Design on Human Activity Recognition

Abhishikat Kumar Soni, Dhruv Agrawal, Md. Ahmed Ali, Dr. B. G. Prasad

Share this Article

Top