JAVA – Possible SQL Injection – DevDreamz

    ResultSet user = stat.executeQuery("SELECT * FROM USER WHERE log_id='" + username + "';");

This is subject to SQL injection, because username is concatenated directly into the query string.
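The statement above next to a parameterized version, as an added example that is not code from the original post. It assumes the sqlite-jdbc driver is on the classpath and uses an in-memory database; the class name, method names, table contents and sample input are constructed for illustration.

```java
import java.sql.*;

public class UserLookup {
    // Form from the page: username is spliced into the SQL text, so a quote
    // inside it ends the string literal and the rest is parsed as SQL.
    static boolean existsConcatenated(Connection conn, String username) throws SQLException {
        try (Statement stat = conn.createStatement();
             ResultSet user = stat.executeQuery(
                 "SELECT * FROM USER WHERE log_id='" + username + "';")) {
            return user.next();
        }
    }

    // Hardened form: constant SQL text, username bound as a parameter value.
    static boolean existsParameterized(Connection conn, String username) throws SQLException {
        try (PreparedStatement stat = conn.prepareStatement(
                 "SELECT * FROM USER WHERE log_id = ?")) {
            stat.setString(1, username);
            try (ResultSet user = stat.executeQuery()) {
                return user.next();
            }
        }
    }

    public static void main(String[] args) throws SQLException {
        // Assumption: sqlite-jdbc driver on the classpath; in-memory database.
        try (Connection conn = DriverManager.getConnection("jdbc:sqlite::memory:")) {
            try (Statement setup = conn.createStatement()) {
                setup.executeUpdate("CREATE TABLE USER (log_id TEXT PRIMARY KEY)");
                // Constructed rows; the doubled quote is a SQL-escaped apostrophe.
                setup.executeUpdate("INSERT INTO USER VALUES ('alice'), ('O''Brien')");
            }
            String username = "O'Brien"; // constructed input containing a quote
            try {
                System.out.println("concatenated: " + existsConcatenated(conn, username));
            } catch (SQLException e) {
                // The input changed the statement's syntax instead of being treated as data.
                System.out.println("concatenated: query rejected (" + e.getMessage() + ")");
            }
            System.out.println("parameterized: " + existsParameterized(conn, username));
        }
    }
}
```

With the bound parameter the driver passes the value separately from the SQL text, so quotes in username never reach the parser.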
