SQL Injection Exploiting Login form

0 votes

I was pondering while at the same time testing my site is there a way that the client can get information from my data set by making some further changes in the accompanying question?

SELECT * FROM users WHERE login='admin' AND password='1' OR '1'='1';

Given that he knew the administrator username and utilized '1'='1' for the secret key to hacking into it. What else could he at any point add to repeat the secret word on screen or track down table subtleties?

I maintain that should do this to comprehend the limits the unprotected SQL can hurt us for my show on SQL infusion.

Aug 12, 2022 in Database by Kithuzzz
 • 38,000 points 560 views

No answer to this question. Be the first to respond.

Your answer

Your name to display (optional):
Privacy: Your email address will only be used for sending these notifications.

Related Questions In Database

0 votes
0 answers

Login to Microsoft SQL Server Error: 18456

When I try to connect to the SQL ...READ MORE

Aug 14, 2022 in Database by Kithuzzz
 • 38,000 points 643 views
0 votes
0 answers

Trouble Connecting to sql server Login failed. "The login is from an untrusted domain and cannot be used with Windows authentication"

I want to host a SQL server ...READ MORE

Aug 22, 2022 in Database by Kithuzzz
 • 38,000 points 828 views
0 votes
1 answer

Login failed for user 'sa'. The user is not associated with a trusted SQL Server connection. (Microsoft SQL Server, Error: 18452) in sql 2008

Solution Go to Start > Programs > Microsoft SQL Server > Enterprise Manager. Right-click the SQL ...READ MORE

answered Sep 12, 2022 in Database by narikkadan
 • 63,600 points 1,110 views
0 votes
2 answers

SQL vs NoSQL

Well, it depends on what you are ...READ MORE

answered Aug 11, 2018 in Database by slayer
 • 29,370 points 1,224 views
0 votes
2 answers

Different types of SQL Joins

There are 4 types of joins in ...READ MORE

answered Dec 9, 2020 in Database by bhavani
 2,057 views
0 votes
1 answer

Difference between single and double quotes in SQL

Single quotes are used to indicate the ...READ MORE

answered Sep 11, 2018 in Database by CodingByHeart77
 • 3,750 points 29,663 views
0 votes
0 answers

How can I prevent SQL injection in PHP?

The programme  becomes vulnerable to SQL injection ...READ MORE

Jul 28, 2022 in PHP by Kithuzzz
 • 38,000 points 462 views
0 votes
0 answers

How can prepared statements protect from SQL injection attacks?

In what ways do prepared statements aid ...READ MORE

Aug 11, 2022 in Database by Kithuzzz
 • 38,000 points 898 views
0 votes
1 answer

Which query to use for better performance, join in SQL or using Dataset API?

DataFrames and SparkSQL performed almost about the ...READ MORE

answered Apr 19, 2018 in Apache Spark by kurt_cobain
 • 9,350 points 1,858 views
0 votes
1 answer

How to connect Java program to the MySQL database?

You can connect your Java code with ...READ MORE

answered May 11, 2018 in Java by Parth
 • 4,640 points 1,932 views
webinar REGISTER FOR FREE WEBINAR X
REGISTER NOW
webinar_success Thank you for registering Join Edureka Meetup community for 100+ Free Webinars each month JOIN MEETUP GROUP
"PMP®","PMI®", "PMI-ACP®" and "PMBOK®" are registered marks of the Project Management Institute, Inc. MongoDB®, Mongo and the leaf logo are the registered trademarks of MongoDB, Inc.