Proposing SQL Statement Coverage Metrics: Difference between revisions
Programsam (talk | contribs) |
Programsam (talk | contribs) |
||
| Line 33: | Line 33: | ||
=== 2.2 SQL Injection Attacks === | === 2.2 SQL Injection Attacks === | ||
A ''SQL injection attack'' is performed when a user exploits a lack of input validation to force unintended system behavior by altering the logical structure of a SQL statement with special characters. The lack of input validation to prevent SQL injection attacks is known as a SQL injection vulnerability<sup>[2, 5, 6, 8, 9, 13-16]</sup>. Our example of this type of input validation vulnerability begins with the login form presented in Figure 3. | |||
== 9. References == | == 9. References == | ||