SQL INJECTION And its MITIGATION
Structured Query Language ( SQL ) is used to order data in database management system. SQL language is used for database creation, fetching rows, deletion and rows modification etc. The commonly used SQL commands are:- SELECT,WHERE, FROM, INSERT, DELETE and UPDATE. In web application if the database is not properly configured, the glitches in it leads to attack the database and takeover it. SQL injection is most prominent attack done on SQL database to get database information and compromise it. In SQL injection we try to pass few SQL statements as input in our query. These statements help us to control database. Using SQL injection an attacker can bypass the authentication methods to retrieve the entire database contents. There are many types of injection attacks like SQL injection and html injection , etc. Most Common types of SQL injection Union-Based SQL Injection: In Union based we use union command in SQL statement to perform more queries....