aboutsummaryrefslogtreecommitdiffstats
path: root/SQL injection 1/Resources
diff options
context:
space:
mode:
Diffstat (limited to 'SQL injection 1/Resources')
-rw-r--r--SQL injection 1/Resources/notes.md1
1 files changed, 1 insertions, 0 deletions
diff --git a/SQL injection 1/Resources/notes.md b/SQL injection 1/Resources/notes.md
index 3292f86..7151223 100644
--- a/SQL injection 1/Resources/notes.md
+++ b/SQL injection 1/Resources/notes.md
@@ -31,3 +31,4 @@
- Don't show SQL errors on the front-end because it gives attackers clues about the database and the queries that can be used to exploit them
- Don't include untrusted, unfiltered and/or unsanitized input into a SQL query
+- Give the least amount of privileges to database users (for example, they should not be able to read meta information tables like `information_schema` etc)
generated by cgit v1.2.3 (git 2.46.0) at 2026-04-16 18:02:43 +0000