在SQL注入攻击中,程序会创建一个SQL命令,并将其发送给SQL解释器。
In an SQL injection attack, a program creates an SQL command and sends it to an SQL interpreter.
SQL注入这种技术使攻击者可以利用应用程序中未仔细检查的输入机会来执行未经授权的SQL命令,而应用程序的本意是使用该输入来构造动态sql查询。
SQL injection is a technique which enables an attacker to execute unauthorized SQL commands by taking advantage of non-scrutinized input opportunities in applications that build dynamic SQL queries.
SQL注入这种技术使攻击者可以利用应用程序中未仔细检查的输入机会来执行未经授权的SQL命令,而应用程序的本意是使用该输入来构造动态sql查询。
SQL injection is a technique which enables an attacker to execute unauthorized SQL commands by taking advantage of non-scrutinized input opportunities in applications that build dynamic SQL queries.
应用推荐