Monday, October 20, 2008

Tips on Preventing SQL Injection

This is an interesting paper that came out in September from Oracle about SQL injection. The problem is one of the OWASP Top Ten vulnerabilities as part of the family of attacks known as injection attacks.

Cross-site scripting (XSS) is also a type of an injection attack but has its own category in the OWASP hit parade.

Bruce Schneier also mentioned the Oracle paper last week in his blog.


Post a Comment

<< Home