SQL Injection Exploiting Login form

0 votes

I was pondering while at the same time testing my site is there a way that the client can get information from my data set by making some further changes in the accompanying question?

SELECT * FROM users WHERE login='admin' AND password='1' OR '1'='1';

Given that he knew the administrator username and utilized '1'='1' for the secret key to hacking into it. What else could he at any point add to repeat the secret word on screen or track down table subtleties?

I maintain that should do this to comprehend the limits the unprotected SQL can hurt us for my show on SQL infusion.

Aug 12 in Database by Kithuzzz
• 11,040 points
25 views

No answer to this question. Be the first to respond.

Your answer

Your name to display (optional):
Privacy: Your email address will only be used for sending these notifications.

Related Questions In Database

0 votes
0 answers

Login to Microsoft SQL Server Error: 18456

When I try to connect to the SQL ...READ MORE

Aug 14 in Database by Kithuzzz
• 11,040 points
20 views
0 votes
1 answer

Login failed for user 'sa'. The user is not associated with a trusted SQL Server connection. (Microsoft SQL Server, Error: 18452) in sql 2008

Solution Go to Start > Programs > Microsoft SQL Server > Enterprise Manager. Right-click the SQL ...READ MORE

answered Sep 12 in Database by narikkadan
• 18,480 points
29 views
0 votes
2 answers

SQL vs NoSQL

Well, it depends on what you are ...READ MORE

answered Aug 11, 2018 in Database by slayer
• 29,310 points
377 views
0 votes
2 answers

Different types of SQL Joins

There are 4 types of joins in ...READ MORE

answered Dec 9, 2020 in Database by bhavani
1,111 views
0 votes
1 answer

Difference between single and double quotes in SQL

Single quotes are used to indicate the ...READ MORE

answered Sep 11, 2018 in Database by CodingByHeart77
• 3,720 points
16,760 views
0 votes
0 answers

How can I prevent SQL injection in PHP?

The programme  becomes vulnerable to SQL injection ...READ MORE

Jul 28 in PHP by Kithuzzz
• 11,040 points
18 views
0 votes
0 answers

How can prepared statements protect from SQL injection attacks?

In what ways do prepared statements aid ...READ MORE

Aug 11 in Database by Kithuzzz
• 11,040 points
39 views
0 votes
1 answer

Which query to use for better performance, join in SQL or using Dataset API?

DataFrames and SparkSQL performed almost about the ...READ MORE

answered Apr 19, 2018 in Apache Spark by kurt_cobain
• 9,390 points
995 views
0 votes
1 answer

How to connect Java program to the MySQL database?

You can connect your Java code with ...READ MORE

answered May 11, 2018 in Java by Parth
• 4,630 points
930 views
webinar REGISTER FOR FREE WEBINAR X
Send OTP
REGISTER NOW
webinar_success Thank you for registering Join Edureka Meetup community for 100+ Free Webinars each month JOIN MEETUP GROUP