C validating filename
The extent to which data is destroyed, manipulated and retrieved depends on the privileges of the account under which the SQL command is executed.
An attacker can go as far as running operating system commands if the account under which the SQL statements are executed is over-privileged.
Cross-site scripting, commonly referred to as XSS, occurs when a web application gathers malicious data from a user. Attackers will often inject JavaScript, VBScript, ActiveX, HTML, or Flash into a vulnerable application to fool a user in order to gather data from them.
This vulnerability leads to denial-of-service attacks and eventually to a process crash. Another consequence of a buffer overflow is code injection, which eventually alters the program execution address to run an attacker's injected code.
Web application security is not just about attackers hacking websites, stealing sensitive information from websites, sending high traffic to websites with denial-of-service attacks, viruses, worms and Trojan horses. The objective of this article is to give you insight into the various areas that a design architect should focus on while designing a web application to make it more secure.
There are other problems that are frequently overlooked.
If an attacker gains access to the hash strings stored in the application, a dictionary attack can be performed.
That is, the attacker iterates through all the words in a dictionary of all possible languages to arrive at the hashed string that was retrieved.
Input must be validated before your application processes it.
So, how do you know that your application is safe enough?
Typically, sensitive information such as passwords is not stored in plain text or in encrypted form in the application.