Contents tagged with SQL
-
Mitigating SQL Injection Attacks in IIS 7.5
It is surprising with all the advances in Internet technologies that there is still a lot of old school code being used and reused. Because of that, there are some topics that will be around for many years to come. SQL Injection is one of those topics. Rather than write an abstract blog post about mitigating SQL Injection attacks, I am presenting this topic from my point of view.
-
Installing SQL Server Native Client 10.0
I came across an issue today where a website had a dependency on the SQL Server Native Client 10.0, which is part of SQL Server 2008. A recent upgrade to SQL Server 2012 caused SQL Server Native Client 11.0 to be installed and version 10.0 to be uninstalled.
-
Track down the source of SQL Injection
A SQL Injection attack is a malicious technique used to attack databases through a website. It adds portions of SQL statements into the URL from a page that accepts user input. The attack is successful when there are vulnerabilities in a website where user input is not filtered and validated.