"SQL Injection" is subset of the an unverified/unsanitized user input vulnerability ("buffer overflows" are a different subset), and the idea is to convince the application to run SQL code that was not intended. If the application is creating SQL strings naively on the fly and then running them, it's straightforward to create some real surprises.
You can say what ever you want about the security of a credit card. The most important security criteria that every card holder must keep in mind is:
1) TAKE CARE OF YOUR CREDIT LIMITS
2) TAKE CARE OF YOUR CREDIT CARD FROM BEING STOLEN
3) DON'T EVER GIVE YOUR CREDIT CARD TO YOUR WIFE (THE MOST INPORTANT)
the others is up to the card holder.
Slashdot Mirror
"SQL Injection" is subset of the an unverified/unsanitized user input vulnerability ("buffer overflows" are a different subset), and the idea is to convince the application to run SQL code that was not intended. If the application is creating SQL strings naively on the fly and then running them, it's straightforward to create some real surprises.
You can say what ever you want about the security of a credit card. The most important security criteria that every card holder must keep in mind is: 1) TAKE CARE OF YOUR CREDIT LIMITS 2) TAKE CARE OF YOUR CREDIT CARD FROM BEING STOLEN 3) DON'T EVER GIVE YOUR CREDIT CARD TO YOUR WIFE (THE MOST INPORTANT) the others is up to the card holder.
4)SQL injection Well the only thing that i can see from my point of view it is just a state-of-art of social engineering