Is SQL injection really the guilty party in software application vulnerabilities?

SQL injection is thought to be a major cause of Web vulnerabilities in software applications. Vulnerability scanners have made big business out of what security expert Kevin Beaver says are relatively small concerns.

Is SQL injection as big a problem as the vulnerability scanner vendors and other product/service companies say it is?

The vulnerability scanning vendors get raw data on the number of SQL injection flaws that are uncovered. If you...

just look at these numbers and not take authentication, user roles, and other contextual information into account, then yes you'd think the sky is falling. That said, I find lots of SQL injection flaws that are not exploitable given the context of the vulnerability. Many are false positives.

In over 10 years of testing Web applications using what I believe are some of the best tools available, I've only come across two situations where SQL injection was actually exploitable and truly meant something to the business. One was exploitable via an unauthenticated user and the other by trusted user who were logged in. I see many, many more issues with cross-site scripting, login mechanisms, and application logic that, in many cases, can be just as detrimental as SQL injection.

Here are some articles that might interest you while we're on the topic of SQL injection issues:

This was first published in December 2009

Dig Deeper on Software Security Test Best Practices



Find more PRO+ content and other member only offers, here.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.



Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: