Security Basics mailing list archives
Re: why most sql injection is not occurred at mysql?
From: "Brian Daniel Beck" <beckbria () msu edu>
Date: Tue, 23 Oct 2007 12:36:32 -0400
MontyRee writes:
Surely I have seen sql injection is occurred at mysql.but in my short experience, most sql injection is occurred at ms-sql or oracle based not mysql. I don't know why.Any idea?
First off, as you state, injection attacks for MySQL are certainly possible. If it is the case that Oracle and MS-SQL are more common targets, I would argue that it is because most databases worth exploiting (corporate sites, etc.) run on Oracle or other such databases rather than MySQL. -Brian Beck
Current thread:
- why most sql injection is not occurred at mysql? MontyRee (Oct 23)
- Re: why most sql injection is not occurred at mysql? Brian Daniel Beck (Oct 23)
- Re: why most sql injection is not occurred at mysql? Francois Larouche (Oct 23)
- Re: why most sql injection is not occurred at mysql? jam (Oct 23)
- Re: why most sql injection is not occurred at mysql? Jedrzej Majko (Oct 25)
- Re: why most sql injection is not occurred at mysql? jam (Oct 23)