• Home
  • Introduction
    • What Is SQL Injection
    • SQL Injection Risks
  • Attacks
    • Basics
    • Test
      • SQL Injection Detection
      • Identify Data Entries
      • Determining Query Structure
      • Anomalies
    • Techniques
    • Extract Information
    • Blind
  • Advanced
    • Stored Procedures Attacks
    • SQL Injection Tools
    • Uncategorized Notes
  • Defense
    • Code Level Defense
  • Resources
    • Simulation Environment
  • About
    • About Us
    • Contact Us
Logo SQL Injection

  • GET THE BOOK!

  • Recent Articles

    • Time-Based Blind SQL Injection using Heavy Query
    • Estimating MySQL Table Size using SQL Injection
    • Time-Based Blind SQL Injection Attacks
    • Analysing Server Response and Page Source
    • Database Fingerprinting for SQL Injection

Archive of MySQL Numeric Parameter SQL Server

  • Implicit Numeric Conversion in SQL

    Implicit Numeric Conversion in SQL

    Posted in Notes

    Numeric values between quotes.. Some database management systems support SQL syntax where numeric values are enclosed between quotes. As I know, only MySQL and SQL Server support this particular syntax. Let’s start with a quick example. It is important to mention here that the...

    Continue reading this entry →
  • SQL Injection and String Parameters

    SQL Injection and String Parameters

    Posted in SQL Injection Basics

    How to perform SQL injection in text fields. The only difference between numeric parameters and string parameters is that the latter is enclosed between quotes. From an attacker perspective it simply means that the injected SQL segment must be crafted in...

    Continue reading this entry →
  • SQL Injection Attacks and Numeric Parameters

    SQL Injection Attacks and Numeric Parameters

    Posted in SQL Injection Basics

    Understanding numeric SQL injection. Attacks against numeric parameters are the simplest way to achieve a SQL injection. This kind of vulnerability is also widely spread since developers often consider that numeric parameters are safe when in most cases they are not. Let's now see...

    Continue reading this entry →

  • About

    Sqlinjection.net was developed to provide information about SQL injection to students, IT professionals and computer security enthusiasts. It intends to be a reference about this security flaw.

    Read more

  • Main Sections

    • Introduction to SQL Injection
    • SQL injection Tutorial
    • Advanced SQL Injection
    • Securing Against SQL Injection
    • Resources for SQL Injection

  • Disclamer

    This website and/or it's owner is a participant in the Amazon Services LLC Associates Program, an affiliate advertising program designed to provide a means for sites to earn advertising fees by advertising and linking to sqlinjection.net.
  • Sqlinjection.net Logo
Copyright 2020 SQLINJECTION.NET - All rights reserved. Copyright  ·  Disclaimer  ·  Terms of Use  ·  Privacy Policy  ·  Back to Top ↑