International Journal of Computer Science and Informatics


SQL injection attacks are a serious security threat to Web applications. They allow attackers to obtain unrestricted access to the databases underlying the applications and to the potentially sensitive information these database contain. Various researchers and practitioners have proposed various methods to address the SQL injection problem. To address this problem, we present an extensive review of the various types of SQL injection attacks known to date. For each type of attack, we provide descriptions and examples of how attacks of that type could be performed. We also present a methodology to prevent SQL injection attacks. It concentrates on the SQL queries and SQL stored procedure where input parameters are injected by the attacker. After a rigorous input validation with our proposed SQL security model will ensure input validation.





To view the content in your browser, please download Adobe Reader or, alternately,
you may Download the file to your hard drive.

NOTE: The latest versions of Adobe Reader do not support viewing PDF files within Firefox on Mac OS and if you are using a modern (Intel) Mac, there is no official plugin for viewing PDF files within the browser window.