Concept - Injections¶

What is an injection attack?¶

An injection attack aims to execute code on the system of the victim through a vulnerable system of the victim. The injection uses badly implemented software to somehow gain control over the executor and executing code through this piece of software. In Python that is the Python Interpreter and in SQL it is the SQL Interpreter.

OWASP Top 10¶

Injection Flaws are still ranked as the third most common vulnerability of system in the OWASP Top 10. They are on the list since a long time, which shows that a lot of systems still suffer from the problem and have problems implementing countermeasures.

links: WS TOC - Injections - Index