sql-injection
Safeguard articles tagged "sql-injection" — guides, analysis, and best practices for software supply chain and application security.
46 articles
Common Insecure Suggestions in SQL and Auth Code from AI ...
Across studies from Stanford to BaxBench, AI assistants keep suggesting string-concatenated SQL and hardcoded JWT secrets. Here is the pattern, by the numbers.
Prompt Injection vs Traditional Injection Attacks: A Tech...
SQL injection was solved by separating code from data. Prompt injection can't be, because in an LLM they share one channel. Here's the technical comparison, with real exploits and dates.
PHP Vulnerability Classes and Common Fixes
The recurring php vulnerability classes — SQL injection, file inclusion, deserialization, and type-juggling bugs — and the specific fixes that close each one.
Blind SQL Injection: A Practical Cheat Sheet
This blind sql injection cheat sheet covers how boolean-based and time-based blind attacks actually work, why they succeed against apps with no visible error output, and how to close them off.
SQL Injection Prevention Cheat Sheet
A practitioner's SQL injection cheatsheet: parameterized queries, safe ORM use, input validation, least privilege, and the exact patterns to ban in review.
CVE-2025-1094 in PostgreSQL psql: Patch Posture & SBOM Response
PostgreSQL psql SQL injection scored CVSS 8.1 and patched in 17.3 / 16.7 / 15.11 / 14.16 / 13.19. Defender SBOM and rollout playbook.
SQL Injection: How It Works and How It's Actually Tested
A defender's walkthrough of how SQL injection works and how security testers actually verify it in a controlled, authorized assessment — not a how-to-attack guide.
SQL Injection Examples: Classic and Modern Attack Patterns
Real SQL injection examples from classic login bypass to blind, time-based, and ORM-era attacks, plus how to test for each one safely.
SQL Injection Basics for Engineers Who Aren't Security Specialists
SQL injection is still one of the most common ways applications get breached, and the fix is usually a one-line change — this walks through the basics with a real example.
SQL Injection Prevention in 2022: Why It Still Happens and How to Stop It
SQL injection has been the top web vulnerability for over two decades. Modern frameworks help, but they do not make it impossible. Here is what still goes wrong.