International Journal of Innovative Research in Engineering & Multidisciplinary Physical Sciences
E-ISSN: 2349-7300 | Impact Factor: 9.907

A Widely Indexed Open Access Peer Reviewed Online Scholarly International Journal


A Study on SQL Injection Attacks.

Authors: Mohammed Mustafa Khan

DOI: https://doi.org/10.5281/zenodo.13959661

Short DOI: https://doi.org/g8nnrx

Country: USA



Abstract: Some web applications have inherent vulnerabilities that allow hackers to gain unauthorized access to an organization's confidential and private data. SQL (Structured Query Language) injection attacks remain a serious threat to web applications. They are one of the most used mechanisms in cyberattacks for stealing or compromising sensitive data stored in relational databases. Some web application developers design systems with bugs or accidentally leave gaps, either by not screening the user's input for the special symbols and characters that have meaning within SQL statements or by failing to validate whether the input is numerical or text, which leads to unexpected results when the statement is executed. Attackers have learned these web application vulnerabilities well and exploit them to their advantage. A SQL injection attack consists of inserting a SQL command or query through input data that passes from the client side to the application. It is carried out by injecting malicious code into the SQL statement, which modifies or alters the data by updating, inserting, or deleting it. Additionally, more advanced SQL queries can invoke the administrative operations of the database, such as shutting down the database management system (DBMS), retrieving the content of a specific file existing in the DBMS, and issuing powerful commands to manipulate the operating system. Similarly, a SQL command can manipulate the cookies stored in a web application's database, allowing actions such as retrieving, updating, or deleting cookie-related data, which could potentially be used for session management, user authentication, or tracking purposes.

Keywords: SQL injection, database, web application, SQL queries, vulnerabilities, detection, prevention.


Paper Id: 231290

Published On: 2022-01-04

Published In: Volume 10, Issue 1, January-February 2022

Cite This: A Study on SQL Injection Attacks. - Mohammed Mustafa Khan - IJIRMPS Volume 10, Issue 1, January-February 2022. DOI 10.5281/zenodo.13959661
