Injection attacks occur when untrusted data is sent to an interpreter as part of a command or query. The attacker's hostile data can trick the interpreter into executing unintended commands or accessing data without proper authorization. Common types of injection attacks include SQL injection, command injection, and LDAP injection. These types of attacks exploit vulnerabilities in how an application processes input data, allowing attackers to inject malicious commands or queries into the system.
[Reference:, Cisco DevNet Associate Certification Guide: Chapter on Security, specifically on common web application vulnerabilities., OWASP (Open Web Application Security Project) Top Ten Web Application Security Risks: Injection., , ]
Submit