nd.gov - The Official Portal for North Dakota State Government
North Dakota: Legendary. Follow the trail of legends

February 10, 2009 - SQL Injection

All Users

WMS has been modified to prevent SQL Injection attacks.  SQL Injection is a technique used by hackers to take advantage of non-valid input vulnerabilities to pass malicious commands through a Web application for execution by a backend database. Attackers take advantage of the fact that SQL commands are sometimes chained together with user-provided parameters.  By manipulating those parameters, hackers quietly gain access to data.