Security Cipher

Menu
  • Home
  • Blog
  • Services
  • About Us
  • Resources
    • Penetration Testing Tricks
    • Security Terminologies
    • Vulnerability Explain
    • Secure Code Explain
    • AWS Cloud Security Checklist
    • Web Application Security Quiz
  • My Resume
  • Terms and Conditions
  • Cookie Policy (EU)
Contact Us

Penetration Testing Tricks

  • Captcha Bypass

Vulnerability Explain

  • SQL Injection
  • Cross-Site-Scripting (XSS)

Secure Code Explain

  • DOM Cross-Site-Scripting (XSS)
  • Stored Cross-Site-Scripting (XSS)
  • Reflected Cross-Site-Scripting (XSS)
  • SQL Injection
  • XXE Injection
  • Remote File Inclusion (RFI)
  • Local File Inclusion
  • Clickjacking
  • Remote Code Execution (RCE)
  • Insecure direct object references (IDOR)
  • Secure Cookie not set
  • Log Injection
  • Cross-Site Request Forgery (CSRF)
  • HttpOnly Flag not set
  • Home
  • Docs
  • Secure Code Explain
  • SQL Injection

SQL Injection

Here is an example of Java code that is vulnerable to an SQL injection attack through the productId parameter:

🥺 Vulnerable Code

import java.sql.ResultSet;
import java.sql.Statement;

String productId = request.getParameter("id");
// Vulnerable: the raw request parameter becomes part of the SQL text itself
String query = "SELECT * FROM products WHERE id = " + productId;

Statement st = connection.createStatement();
ResultSet rs = st.executeQuery(query);

while (rs.next()) {
    String name = rs.getString("name");
    String description = rs.getString("description");
    // display product details
}

This code is vulnerable to SQL injection attacks because it is directly concatenating user input (the “productId” parameter) into the SQL query string. An attacker could input a malicious value for the “productId” parameter that modifies the SQL query in unintended ways, such as adding additional clauses or comments.

😎 Secure Code

To secure this code, you should use prepared statements with parameterized queries. This will prevent attackers from being able to inject malicious input into the query:

import java.sql.PreparedStatement;
import java.sql.ResultSet;

String productId = request.getParameter("id");
// The placeholder keeps the SQL text fixed; the value is supplied separately
String query = "SELECT * FROM products WHERE id = ?";

PreparedStatement st = connection.prepareStatement(query);
st.setString(1, productId); // bound as data only, never parsed as SQL
ResultSet rs = st.executeQuery();

while (rs.next()) {
    String name = rs.getString("name");
    String description = rs.getString("description");
    // display product details
}

This code binds the “productId” value to the placeholder instead of inserting it into the SQL text, so any special characters in the parameter are handled safely as data and cannot alter the structure of the query, preventing attackers from injecting malicious input.
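To make the difference between the two queries observable without a JDBC driver, here is an added example (not from the original page) that mirrors both lookups in Python against an in-memory SQLite table; the products table contents are constructed sample data, and the `1 OR 1=1` value stands in for the “additional clauses” the text describes.

```python
import sqlite3

# Constructed sample data standing in for the page's "products" table.
SAMPLE_PRODUCTS = [
    (1, "Widget", "A basic widget"),
    (2, "Gadget", "A handy gadget"),
    (3, "Gizmo", "An internal-only gizmo"),
]


def make_connection() -> sqlite3.Connection:
    """Create an in-memory database holding the constructed products table."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE products (id INTEGER PRIMARY KEY, name TEXT, description TEXT)"
    )
    conn.executemany("INSERT INTO products VALUES (?, ?, ?)", SAMPLE_PRODUCTS)
    return conn


def lookup_vulnerable(conn: sqlite3.Connection, product_id: str) -> list:
    """Mirrors the page's vulnerable Java: the parameter is concatenated into
    the SQL text, so it can change the query's structure."""
    query = "SELECT * FROM products WHERE id = " + product_id
    return conn.execute(query).fetchall()


def lookup_secure(conn: sqlite3.Connection, product_id: str) -> list:
    """Mirrors the page's PreparedStatement fix: the value is bound to a
    placeholder and is only ever treated as data, never as SQL."""
    query = "SELECT * FROM products WHERE id = ?"
    return conn.execute(query, (product_id,)).fetchall()


def row_counts(product_id: str) -> tuple:
    """Return (vulnerable_rows, secure_rows) for one request parameter value."""
    conn = make_connection()
    try:
        vulnerable = len(lookup_vulnerable(conn, product_id))
        secure = len(lookup_secure(conn, product_id))
        return vulnerable, secure
    finally:
        conn.close()


if __name__ == "__main__":
    print(row_counts("2"))          # (1, 1): both return the one matching product
    print(row_counts("1 OR 1=1"))   # (3, 0): concatenation returns every row
```

The bound query returns no rows for the injected value because SQLite compares the whole string against the integer column and finds no match, which is exactly the behaviour the PreparedStatement version relies on.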

©2023. Security Cipher. All Rights Reserved.