Reputation: 548
Why is this SQL injection harmful?
I have a mybb forum that I have found is vulnerable to a SQL injection. I have performed said SQL injection on the site, but I don't understand why this data is sensitive. For security reasons, I have not disclosed my website, but an end ample found in the internet is pictured below. Can someone explain to me why this data should not be publically known?
http://uploaderx.persiangig.com/C/mybb_sqli_error.png
Upvotes: 0
Views: 121
Answers (2)
Reputation: 704
Your data may not be sensitive, but your site would be VERY sensitive to someone issuing a series of DROP TABLE commands through SQL injection. You could very easily find your site nothing but error messages no matter what page you visited.
And if you didn't have a recent backup (you DO do frequent backups, right??), your site would be pretty much dead and you would have to start from scratch.
Upvotes: 2
Related Questions
- Why is this prone to SQL Injection?
- SQL Injection: Why is the following code dangerous?
- How dangerous is this PHP code?
- What is this SQL injection doing?
- SQL Injection attack - What does this do?
- Is this vulnerable to SQL injection?
- Why is this SQL code insecure?
- Can you explain this SQL injection?
- How can this kind of SQL injection work even though there is not security consideration at all?
- How is this MySQL query vulnerable to SQL injection?