Despite there’s more and more programmers who are carefully studying the web application’s security, it’s still sometimes seems like as it’d be just the other way. Everyday you can hear a lot of news about the successful attacks against the well or less known servers, and the hackers are finding the new vulnerabilities and use them to hack the open source and proprietary software used in a lot of web servers.
One of the main reason of the vulnerable web application’s code is its complexity, so it’s a real challenge to maintain such a huge bunch of a code, sanitize every input in the web applications and analyze even the smallest changes in the code if they can affect the overall applications’ security.
The goal of this article is to educate you why it’s so important to write secure web application’s code and to show you how easy can attackers hack the applications running on the bad programmer’s work.
SQL Injection
Overview:
The point of this vulnerability is the ability to inject an arbitrary SQL code into the application which sends it completely unchecked to the database server. The back-end database server execute that SQL query.
What can hackers do exploiting this vulnerability:
They can start the DoS attacks, steal the data from the databases or to delete or modify the information they contain.
Continue reading Security vulnerabilities: SQL Injection, XSS and CSRF
