|
| Description: | | SQL injection is a vulnerability that allows an attacker to alter backend SQL statements by manipulating the user input. An SQL injection occurs when web applications accept user input that is directly placed into a SQL statement and doesn't properly filter out dangerous characters. |
|
| Impact: | | An attacker can inject arbitrary sql commands to view or change the database of the target by exploiting the vulnerability successfully. |
|
| Affected OS: | | Windows, Solaris, Other Unix, FreeBSD, Linux |
|
| Reference: | | SecurityFocusBID:77295
SecurityTrackerID:1033950
ExploitDB:38797
|
|