aboutsummaryrefslogtreecommitdiffstats
path: root/SQL injection 2/Resources/notes.md
diff options
context:
space:
mode:
Diffstat (limited to 'SQL injection 2/Resources/notes.md')
-rw-r--r--SQL injection 2/Resources/notes.md1
1 files changed, 1 insertions, 0 deletions
diff --git a/SQL injection 2/Resources/notes.md b/SQL injection 2/Resources/notes.md
index 282802f..fb7c96e 100644
--- a/SQL injection 2/Resources/notes.md
+++ b/SQL injection 2/Resources/notes.md
@@ -26,3 +26,4 @@
- Don't show SQL errors on the front-end because it gives attackers clues about the database and the queries that can be used to exploit them
- Don't include untrusted, unfiltered and/or unsanitized input into a SQL query
+- Give the least amount of privileges to database users (for example, they should not be able to read meta information tables like `information_schema` etc)
generated by cgit v1.2.3 (git 2.46.0) at 2026-04-16 16:05:22 +0000