A1:2017-Injection

SQL small cheat sheet

select

insert

delete

update

drop

union

where

and

or

not

order by

Attack

login as admin

Defense

• Parameterized Statements
• Sanitizing Input