{"version":"1.0","provider_name":"ValeurBit Infosec","provider_url":"https:\/\/valeurbit.com\/blog","author_name":"ValeurBit","author_url":"https:\/\/valeurbit.com\/blog\/author\/valeurbit\/","title":"What is SQL Injection and How it works? | ValeurBit Infosec","type":"rich","width":600,"height":338,"html":"<blockquote class=\"wp-embedded-content\" data-secret=\"ipQbtqBwsJ\"><a href=\"https:\/\/valeurbit.com\/blog\/what-is-sql-injection-and-how-it-works\/\">What is SQL Injection and How it works?<\/a><\/blockquote><iframe sandbox=\"allow-scripts\" security=\"restricted\" src=\"https:\/\/valeurbit.com\/blog\/what-is-sql-injection-and-how-it-works\/embed\/#?secret=ipQbtqBwsJ\" width=\"600\" height=\"338\" title=\"&#8220;What is SQL Injection and How it works?&#8221; &#8212; ValeurBit Infosec\" data-secret=\"ipQbtqBwsJ\" frameborder=\"0\" marginwidth=\"0\" marginheight=\"0\" scrolling=\"no\" class=\"wp-embedded-content\"><\/iframe><script type=\"text\/javascript\">\n\/* <![CDATA[ *\/\n\/*! This file is auto-generated *\/\n!function(d,l){\"use strict\";l.querySelector&&d.addEventListener&&\"undefined\"!=typeof URL&&(d.wp=d.wp||{},d.wp.receiveEmbedMessage||(d.wp.receiveEmbedMessage=function(e){var t=e.data;if((t||t.secret||t.message||t.value)&&!\/[^a-zA-Z0-9]\/.test(t.secret)){for(var s,r,n,a=l.querySelectorAll('iframe[data-secret=\"'+t.secret+'\"]'),o=l.querySelectorAll('blockquote[data-secret=\"'+t.secret+'\"]'),c=new RegExp(\"^https?:$\",\"i\"),i=0;i<o.length;i++)o[i].style.display=\"none\";for(i=0;i<a.length;i++)s=a[i],e.source===s.contentWindow&&(s.removeAttribute(\"style\"),\"height\"===t.message?(1e3<(r=parseInt(t.value,10))?r=1e3:~~r<200&&(r=200),s.height=r):\"link\"===t.message&&(r=new URL(s.getAttribute(\"src\")),n=new URL(t.value),c.test(n.protocol))&&n.host===r.host&&l.activeElement===s&&(d.top.location.href=t.value))}},d.addEventListener(\"message\",d.wp.receiveEmbedMessage,!1),l.addEventListener(\"DOMContentLoaded\",function(){for(var e,t,s=l.querySelectorAll(\"iframe.wp-embedded-content\"),r=0;r<s.length;r++)(t=(e=s[r]).getAttribute(\"data-secret\"))||(t=Math.random().toString(36).substring(2,12),e.src+=\"#?secret=\"+t,e.setAttribute(\"data-secret\",t)),e.contentWindow.postMessage({message:\"ready\",secret:t},\"*\")},!1)))}(window,document);\n\/* ]]> *\/\n<\/script>\n","description":"In modern web applications, injections are less and less common, everyone uses prepared queries and ORMs, but we still see injections during penetration tests. Of particular interest are the SQL dialects built into ORM libraries.&nbsp;This is an additional abstraction that is also prone to injection, and vulnerabilities can arise when translating expressions from a dialect...","thumbnail_url":"https:\/\/blog.deteact.com\/ru\/wp-content\/uploads\/sites\/2\/2019\/08\/image.png"}