Title: SQL injection authentication security threat

Authors: Sulakshana B. Mane; Kiran Shrimant Kakade; S.P. Shingare; Nanasaheb M. Halgare

Addresses: Bharati Vidyapeeth College of Engineering, Navi Mumbai, India; Faculty of Business and Leadership, MIT, World Peace University, Pune, India; Department of Chemical Engineering, Bharati Vidyapeeth College of Engineering, Navi Mumbai – 400614, India; Department of Information Technology, M.S. Bidve Engineering College, Latur-413-531, India

Abstract: The study examines SQL injection as a serious threat to application security, with a particular emphasis on how it affects database data integrity, which is essential to server functionality. Using SQL injection attacks, attackers can insert harmful SQL queries into the data being transmitted between clients and applications. By exploiting vulnerabilities that permit impersonation or character escaping, adversaries can perform a variety of manipulations on the database. Examples of these manipulations include extracting sensitive data, modifying or deleting dataset information, carrying out administrative tasks such as stopping the database management system (DBMS), obtaining particular file data from the DBMS file system, and occasionally sending commands to the underlying operating system. Understanding and mitigating these vulnerabilities is paramount for safeguarding the confidentiality, integrity, and availability of critical data assets in server environments.

Keywords: SQL; web application; vulnerabilities; attack.

DOI: 10.1504/IJESDF.2024.139661

International Journal of Electronic Security and Digital Forensics, 2024 Vol.16 No.4, pp.474 - 485

Received: 08 Dec 2022
Accepted: 27 Feb 2023

Published online: 05 Jul 2024