Click here to Skip to main content
12,949,601 members (67,171 online)
Rate this:
Please Sign up or sign in to vote.
See more:
What is URL injection and how does it work? I'm bit confused between SQL Injection and URL Injection.
Posted 22-Mar-13 19:45pm
Rate this: bad
Please Sign up or sign in to vote.

Solution 1

SQL Injection's are URL based only. Issues are induced into database via URL because of bad way query is formed.
Read: SQL Injection[^]
Maciej Los 24-Mar-13 12:35pm
Short and to the point!
Sandeep Mewara 24-Mar-13 12:59pm
Thanks Maciej. :)
Rate this: bad
Please Sign up or sign in to vote.

Solution 2

In the "Weird and Wonderful" we had our fun with the Alcatraz travel website. Their server is still open for injecting SQL via URLs. See Alcatraz ~ the tourist website[^]
See the messages in that thread for more hints on how it works - you can still test your skills.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

    Print Answers RSS
Top Experts
Last 24hrsThis month
OriginalGriff 5,489
CHill60 3,380
Maciej Los 2,913
Jochen Arndt 1,935
ppolymorphe 1,820

Advertise | Privacy | Mobile
Web01 | 2.8.170524.1 | Last Updated 25 Mar 2013
Copyright © CodeProject, 1999-2017
All Rights Reserved. Terms of Service
Layout: fixed | fluid

CodeProject, 503-250 Ferrand Drive Toronto Ontario, M3C 3G8 Canada +1 416-849-8900 x 100