The cheat sheet currently covers only MySQL and Microsoft SQL Server, with some Oracle and some PostgreSQL. Most of the samples are not correct for every single situation. Real-world environments may differ because of parentheses, different code bases and unexpected, strange SQL statements.
Samples are provided to give the reader a basic idea of a potential attack, and almost every section includes brief information about itself.
M : MySQL
S : SQL Server
P : PostgreSQL
O : Oracle
+ : Possibly all other databases
Examples:
- (MS) means: MySQL and SQL Server etc.
- (M*S) means: only in some versions of MySQL or under special conditions (see the related note), and SQL Server
Read the whole Cheat Sheet here.