Currently [as of 2013], SQL Injections (along with some other similar types of injections) are the top concern for security on the net; OWASP ranked them the top "critical risk" on the net right now, and with good reason: they are not only easy to perform (once you know a victim is vulnerable) but are potentially devistating. Imagine having a huge database full of customer information (think: Amazon, Ebay, Paypal, etc.) and having some outside party being able to access, read, change, or even completely delete the information in that database — this is the power that injections have.
While a great number of websites are currently [even as of 2013] vulnerable either partly or fully to these injections, you should not attempt to test injections on these sites. Instead, we will make our own vulnerable site which we can test at our leisure.
|⇐ Back to 4.3||Home|