Discussion :: SQL Server MCQs
- Which of the following script is example of SQL injection attack ?
|
A.
var Shipcity; ShipCity = Request.form ("ShipCity"); var SQL = "select * from OrdersTable where ShipCity = '" + ShipCity + "'"; |
|
B.
var Shipcity; ShipCity = Request.form ("ShipCity"); |
|
C.
var Shipcity; var SQL = "select * from OrdersTable where ShipCity = '" + ShipCity + "'"; |
|
D.
All of the mentioned
|
Whatsapp
Facebook
Answer : Option A
Explanation :
The script builds an SQL query by concatenating hard-coded strings together with a string entered by the user.
Be The First To Comment