SQL Injection - Forms and Validity

Forms and Validity

SQL injection attack (SQLIA) is considered one of the top 10 web application vulnerabilities of 2007 and 2010 by the Open Web Application Security Project. The attack vector has five main sub-classes, distinguished by the technical aspects of the attack's deployment:

  • Classic SQLIA
  • Inference SQL injection
  • Interacting with SQL injection
  • Database management system-specific SQLIA
  • Compounded SQLIA
      • SQL injection + insufficient authentication
      • SQL injection + DDoS attacks
      • SQL injection + DNS hijacking
      • SQL injection + XSS

A complete overview of the SQL Injection classification is presented in the next figure. The Storm Worm is one representation of Compounded SQLIA.

This classification represents the state of SQLIA, respecting its evolution until 2010—further refinement is underway.
