Cyber Attacks Based on Data Injection
Downloads
Software vulnerabilities represent the most important vulnerabilities due to their impact compared to other vulnerabilities such as hardware and network ones. Throughout the years many vulnerabilities have been identified, classified, and registered by organizations such as MITRE as a CVE (common vulnerability or exposure) and assigned a Common Vulnerability Scoring System (CVSS) score to reflect the potential risk it could introduce to organizations. This paper describes, analyses, and provides solutions to the effects of the top three most dangerous system vulnerabilities such as: SQL injection and Command Injection.
Downloads
MITRE, "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')," 19 September 2019. [Online]. Available: https://cwe.mitre.org/data/definitions/89.html.
MITRE, "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')," 23 September 2019. [Online]. Available: https://cwe.mitre.org/data/definitions/78.html.
Hack2Secure, "Understanding SQL Injection Attacks," 20 7 2017. [Online]. Available:
https://www.hack2secure.com/blogs/understanding-sql-injection-attacks.
S. I. M. M. Atefeh Tajpour, " SQL Injection Detection and Prevention Techniques," 8 2001. [Online]. Available: https://www.researchgate.net/publication/272854124_SQL_Injection_Detection_and_Prevention_Techniques.
S. Mohanty, https://dzone.com/articles/5-important-software-vulnerability-and-attackstha, 2018.
C. N. C. X. Anastasios Stasinopoulos, "Commix: Detecting and exploiting command injection flaws," November 2015. [Online]. Available: https://www.researchgate.net/publication/290181384_Commix_Detecting_and_exploiting_command_injection_flaws.
How To Prevent Command Injection, [Online]. Available: https://affinity-it-security.com/how-to-prevent-command-injection/.
