Title: SQL injection authentication security threat
Authors: Sulakshana B. Mane; Kiran Shrimant Kakade; S.P. Shingare; Nanasaheb M. Halgare
Addresses: Bharati Vidyapeeth College of Engineering, Navi Mumbai, India; Faculty of Business and Leadership, MIT, World Peace University, Pune, India; Department of Chemical Engineering, Bharati Vidyapeeth College of Engineering, Navi Mumbai – 400614, India; Department of Information Technology, M.S. Bidve Engineering College, Latur-413-531, India
Abstract: The study examines SQL injection as a serious threat to application security, with a particular emphasis on how it affects database data integrity, which is essential to server functionality. Using SQL injection attacks, attackers can insert harmful SQL queries into the data transmitted between clients and applications. Through the exploitation of vulnerabilities that permit impersonation or character escaping, adversaries can perform a variety of manipulations on the database. Examples of these manipulations include extracting sensitive data, modifying or deleting dataset information, carrying out administrative tasks like stopping the database management system (DBMS), obtaining particular file data from the DBMS file system, and occasionally sending commands to the underlying operating system. Understanding and mitigating these vulnerabilities is paramount for safeguarding the confidentiality, integrity, and availability of critical data assets in server environments.
Keywords: SQL; web application; vulnerabilities; attack.
DOI: 10.1504/IJESDF.2024.139661
International Journal of Electronic Security and Digital Forensics, 2024 Vol.16 No.4, pp.474 - 485
Received: 08 Dec 2022
Accepted: 27 Feb 2023
Published online: 05 Jul 2024