MJCS 2023
DOI: 10.58496/mjcs/2023/006
|View full text |Cite
|
Sign up to set email alerts
|

SQL Injection Attack: Quick View

Abstract: SQL injection is a type of security vulnerability that occurs in database-driven web applications where an attacker injects malicious code into the application to gain unauthorized access to sensitive information. This paper aims to provide a comprehensive and systematic review of the existing methods for preventing and detecting SQL injection attacks. The review covers a range of techniques, including input validation, parameterized queries, and intrusion detection systems, as well as the advantages and disad… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
2
1
1

Citation Types

0
4
0
2

Year Published

2023
2023
2024
2024

Publication Types

Select...
7
1
1

Relationship

0
9

Authors

Journals

citations
Cited by 21 publications
(6 citation statements)
references
References 8 publications
0
4
0
2
Order By: Relevance
“…Many SHSs are web-based and store healthcare data in SQL databases, making them susceptible to SQL injection (SQLi) attacks. Noman and Abu-Sharkh [117] and Abdullayev and Chauhan [118] define SQLi attacks as a type of application security susceptibility in which cybercriminals exploit SQL database weaknesses by injecting malicious SQL codes/statements into the input fields of a website and desktop and mobile application forms or URL parameters to compromise the back-end database and illegally access and extract sensitive data stored in the database. Numerous websites implement SQL to manage their database, and attackers take advantage of the weaknesses in SQL to execute malicious SQL statements, which allows the servers to reveal sensitive information stored in the databases.…”
Section: Sql Injection Attacksmentioning
confidence: 99%
See 1 more Smart Citation
“…Many SHSs are web-based and store healthcare data in SQL databases, making them susceptible to SQL injection (SQLi) attacks. Noman and Abu-Sharkh [117] and Abdullayev and Chauhan [118] define SQLi attacks as a type of application security susceptibility in which cybercriminals exploit SQL database weaknesses by injecting malicious SQL codes/statements into the input fields of a website and desktop and mobile application forms or URL parameters to compromise the back-end database and illegally access and extract sensitive data stored in the database. Numerous websites implement SQL to manage their database, and attackers take advantage of the weaknesses in SQL to execute malicious SQL statements, which allows the servers to reveal sensitive information stored in the databases.…”
Section: Sql Injection Attacksmentioning
confidence: 99%
“…[118]. In smart healthcare, patients and healthcare professionals use smart healthcare software to access data that can be shared with other departments.…”
mentioning
confidence: 99%
“…Web applications susceptible to SQL injection can grant attackers unrestricted access to the underlying databases (Halfond et al, 2006;Nasereddin et al, 2021;Sadeghian et al, 2013;Singh et al, 2016). The storage of sensitive user or consumer data in these databases often results in substantial consequences in the event of security breaches (Abdullayev & Chauhan, 2023;Clarke, 2009). The ramifications include identity theft, the divulgence of personal data, and the commission of deceitful activities.…”
Section: Sql Injection Attacksmentioning
confidence: 99%
“…SQL attack is a method where the attacker uses malicious cod to gain access to information by backend database manipulation [56]. Information attackers target may be details of the targeted organization, details of the company's customers or users of the company's systems and networks which results to illegitimate viewership of sensitive information, deletion or modification [57], [58], [59]. SQL injections can be prevented by implementing input validation which would flag unlawful input.…”
Section: Structured Query Language (Sql) Injectionmentioning
confidence: 99%