Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Potential Microsoft SQL Injection Vulnerability Detection



The remote web server contains a script that appears to be vulnerable to a SQL injection attack.


PVS observed a response from a web server that was driven by an error message from an underlying SQL server. It is possible that the application may be susceptible to an attack known as 'SQL Injection' in which an attacker can pass SQL commands via a web query. Successful exploitation would allow the remote attacker to execute arbitrary SQL commands on the backend database server.


Audit and modify the application to properly validate user input.