SQL Injection

SQL Injection

Detected by Syhunt: Yes (Dynamic, Code)
Type: Injection Flaw
Also Known As: SQLi
CWE: 89

Many web sites contain flaws that may allow attackers to carry out SQL injection attacks. The issue happens when a script fails to properly sanitize user-supplied input to parameters. This may allow attackers to inject or manipulate SQL queries in the back-end database.

Resources