SQL Injection (SQLi)
Severity: critical

What is SQLi?
SQL Injection allows attackers to interfere with database queries by inserting malicious SQL code through user-controlled input fields.
How it works
The application constructs SQL queries by concatenating user input directly into the query string. An attacker inputs SQL syntax that alters the intended query logic, allowing unauthorised data access, modification, or deletion.
Impact
Complete database compromise, data exfiltration, authentication bypass, privilege escalation, and in some cases, remote code execution on the database server.
ShieldReport identifies SQLi through error-based detection, time-based blind testing, and boolean-based techniques using Nuclei templates and custom probes.
How to fix it
Use parameterized queries or prepared statements exclusively. Never concatenate user input into SQL strings. Apply least-privilege database accounts and use an ORM where possible.
Code example
Vulnerable

// VULNERABLE: string concatenation
const query = "SELECT * FROM users WHERE id = " + req.params.id
db.query(query)

Secure

// SECURE: parameterized query
const query = "SELECT * FROM users WHERE id = $1"
db.query(query, [req.params.id])
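The following script is an added, runnable illustration of the "How it works" and "How to fix it" sections above; it is not ShieldReport's code and not the page's own example. It uses Python's standard sqlite3 module and a constructed in-memory users table (the rows, the placeholder input "1 OR 1=1", and the function names are assumptions) to run the page's vulnerable concatenation pattern and its parameterized replacement side by side, and adds an input-shape check as a second layer of defence.

```python
import sqlite3

# Constructed sample rows (not from the page) used to show the query outcomes.
SAMPLE_USERS = [
    (1, "alice", "alice@example.com"),
    (2, "bob", "bob@example.com"),
    (3, "carol", "carol@example.com"),
]


def make_db():
    """Build an in-memory SQLite database holding the constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, email TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?, ?)", SAMPLE_USERS)
    return conn


def lookup_vulnerable(conn, user_id):
    """Mirror of the page's vulnerable snippet: user input is concatenated
    straight into the statement, so any SQL it contains becomes part of the
    query and changes its logic."""
    query = "SELECT id, name FROM users WHERE id = " + str(user_id)
    return conn.execute(query).fetchall()


def lookup_secure(conn, user_id):
    """Mirror of the page's secure snippet: the statement text is fixed and the
    value is bound to a placeholder, so the database treats it purely as data.
    sqlite3 uses '?' where the page's pg-style code uses '$1'."""
    query = "SELECT id, name FROM users WHERE id = ?"
    return conn.execute(query, (user_id,)).fetchall()


def is_valid_id(raw):
    """Defence in depth: an id from a URL is only ever a positive integer, so
    reject anything else before it reaches the database at all."""
    return isinstance(raw, str) and raw.isdigit() and int(raw) > 0


def lookup_hardened(conn, raw):
    """Validate the shape of the input, then use the parameterized query."""
    if not is_valid_id(raw):
        raise ValueError("id must be a positive integer")
    return lookup_secure(conn, int(raw))


if __name__ == "__main__":
    conn = make_db()
    tampered = "1 OR 1=1"  # constructed example of input that alters query logic
    print("vulnerable:", lookup_vulnerable(conn, tampered))  # every row leaks
    print("secure    :", lookup_secure(conn, tampered))      # no row matches
    print("hardened  :", lookup_hardened(conn, "2"))         # [(2, 'bob')]
```

The interesting comparison is the middle case: with the parameterized query the same tampered string reaches the database as one opaque value, so the WHERE clause simply matches nothing, whereas the concatenated version returns the whole table. The `is_valid_id` check is not a substitute for binding parameters; it only narrows what the database ever sees, which is the least-privilege idea from the fix section applied to inputs.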