3,817 questions
1 vote · 2 answers · 100 views
Sql injection protection when sending json as a sql function parameter
I am sending a json array with filter parameters from ExtJs in the sql function parameter.
filters look like this:
[{"field":"product_type_id","data":{"type":&...
1 vote · 1 answer · 111 views
Creating Postgres Users and Granting Permissions from Go
I'm trying to create database users in my Postgres database from Golang, and I can't seem to get queries to run.
I'm able to establish a connection, but I cannot run create user X with password Y and ...
0 votes · 1 answer · 107 views
Web Application Firewall (NGINX ModSecurity) - wrong SQL Injection Attack Detection
Our company site is behind WAF based on NGINX ModSecurity. And permanently in WAF logs we see blocked requests from site forms.
Example:
SQL Injection Attack Detected via libinjection - Matched Data: ...
-2 votes · 1 answer · 106 views
Why does psycopg2 still allow SQL injection with dynamically constructed table names [closed]
I'm developing a multi-tenant Python web application where users need to query different database tables based on their client context. The challenge is constructing secure SQL queries when table ...
1 vote · 0 answers · 83 views
Is this code already SQL injection proof or should I use prepared statements? [duplicate]
I was asked to make this code SQL Injection proof:
<?php
$connection = mysqli_connect("localhost", "root", "password", "users_db");
$query = "SELECT * ...
1 vote · 1 answer · 130 views
Psalm does not detect SQL Injection
I'm trying to use Psalm to detect SQL Injections. I have the following code:
$pdo = new PDO("mysql:host=db;dbname=tp;port=3306", "user", "password");
// VULNERABLE ...
0 votes · 0 answers · 81 views
Add repeated strings in burp suite intruder
I am working on a CTF.
I need to do a SQL injection into a dummy website. In this website, when signing up, there is no input clean-up of any sort for the username field, and as a friend confirmed it ...
0 votes · 2 answers · 267 views
Entity Framework Core: how safe are expressions from SQL injection? [closed]
I am doing research on ways to prevent SQL injection when using the Entity Framework Core ORM. Most blogs and sources cite official Microsoft documentation that the best way is to sanitize values, use ...
0 votes · 0 answers · 79 views
Prepared query with Jinja and BigQuery
For now, I use python, with sql templating (jinja2) for BigQuery API (not sdk) + fastapi.
The queries are generated from api parameters to sql code. Those queries are sent to BQ.
To prevent sql ...
-1 votes · 1 answer · 200 views
VeraCode complains SQL injection when my prepared statement has a dynamic database name
My project needs to access a SQL Server which has hundreds of databases in it. All those databases have the same table structure.
So I need to query the data like this:
select *
from {0}.dbo.tableA
where ...
0 votes · 2 answers · 89 views
Is there a name for SQL Injection when it's done on purpose?
I need to concatenate strings to generate a query to execute, mainly because parameters cannot be used in the places I need to.
For example, FETCH NEXT <n> ROWS clause in DB2 does not accept ...
0 votes · 1 answer · 231 views
Struggling with Veracode flagging tableName-variable as "SQL Injection" flaw
We have a command-line utility program that loads the specified file (CSV) into the specified table.
Obviously, the table-name will be externally-provided (on command-line), and Veracode flags that as ...
0 votes · 3 answers · 94 views
Is it possible to have SQL Injection in Java PreparedStatement without setString() or setInt() methods? [duplicate]
In Java, if a user input is directly appended to an SQL query without using methods like setString() or setInt(), but the query is executed using a PreparedStatement, is it still considered SQL ...
0 votes · 0 answers · 81 views
SQL injection with LIKE Clause (bWAPP Get/Search Medium Level) [duplicate]
I was trying to perform some SQL Injection on the bWAPP application. I am running a test on the medium level, where the query is like this:
SELECT * FROM movies WHERE title LIKE '%".$(title)."%';
User will ...
-1 votes · 1 answer · 79 views
Burp Repeater Request giving client Error: Forbidden in python requests (portswigger labs)
I'm doing the PortSwigger blind SQLi lab: https://portswigger.net/web-security/sql-injection/blind/lab-conditional-responses
In Burp Repeater, after intercepting requests, it is working fine, as the ...
-1 votes · 2 answers · 744 views
Sql string concatenation is always bad?
At university, we learned, and I also read in many places, that you should NEVER concatenate SQL strings. Yes, I know it's because of SQL injection, and I am aware of that.
However, what if the string ...
0 votes · 1 answer · 580 views
How to avoid SQL content sent from HTML form being blocked by Cloudflare?
I have a POST form that includes a textarea for SQL content. Cloudflare will occasionally classify the content as a SQL Injection attempt and block the submission.
Is there a safe or proper way to ...
0 votes · 0 answers · 62 views
Oracle 19c PL/SQL: Security Scan Finding - SQL Injection [duplicate]
I've done a search here on Stack Overflow and read through some posts that are similar regarding PL/SQL SQL injection prevention, but they didn't seem to match my question specifically. This post ...
-3 votes · 1 answer · 843 views
Parametrize table name in SQL query
I have a Python script executing a DB2 query as
select count(*) as num_rows from {table}
The value of {table} is read from a list of tables and I need to print out the count corresponding to each table. ...
1 vote · 0 answers · 277 views
Does Mongoose prevent NoSQL injections?
I know that similar questions about the prevention of NoSQL injections exist.
One example is this answer on the StackOverflow platform:
https://stackoverflow.com/a/63839225/14043571
The answer ...
1 vote · 2 answers · 524 views
How to sanitize a client query to the whereFullText Eloquent method in Laravel
I'm encountering an issue with whereFullText in Laravel. Here's my code:
$search_key = $args['q'] ?? $args['search_key'] ?? NULL;
$builder->when($search_key, function (Builder $builder, $search_key)...
0 votes · 0 answers · 162 views
xp_cmdshell as dbo user only able to run 'ping localhost' to verify RCE?
I am currently doing a pentest on a client's asp web application and I have identified a blind SQL injection. However, after enabling xp_cmdshell, I am only able to run the ping localhost command to ...
0 votes · 1 answer · 719 views
Is this SQL/NoSQL/DSL injection in Opensearch python client?
The Opensearch documentation around using the low-level python client is here.
When executing search queries it shows the following example:
# Search for the document.
q = 'miller'
query = {
'size': ...
0 votes · 2 answers · 397 views
How to fix SQL injection if we have to use DB name dynamically in SQL Server?
This is the implementation in code: the schema name comes from a configuration file and is different for each environment. Sonar throws SQL injection alert at this statement:
select *
from dbName.dbo....
2 votes · 1 answer · 79 views
How to reduce vulnerability to cyber attacks from injection?
I have very little knowledge about SQL injection, and there are probably other threats I am unaware of out there for stealing company data. How would I make this Python code better in regards to ...