I was scared to death from needle phobia when I was a child, and database is no exception. It doesn’t matter how big or small is your database; it has a constant threat from SQL injection.
In an ideal scenario, a user requests relevant data as input via SQL query to a web application that pulls data from the database. However, SQL injection replaces a standard SQL query with malicious code as an input.
The injection exploits vulnerabilities in the application, allowing the attacker to control the database completely. From here, Dr Hacker can view all user data, tamper or even destroy all the records.
In the next post, I will publish the SQL injection example as a cyber sketch story.
