BBLabs News
Bug Bounty

SQLi (SQL Injection)

Definition

Injection of attacker-controlled SQL into a backend query through unsafe concatenation of user input into the query text. Allows reading and modifying the database and, on some engines, remote command execution (MSSQL xp_cmdshell) or file access (MySQL load_file).

Still in the top 3 of the OWASP Top 10 despite 25+ years of awareness, because any new view with a misused ORM or a hidden raw query reintroduces it. Variants: in-band (UNION-based, error-based), blind (boolean-based, time-based), out-of-band (e.g. DNS exfiltration).

Impact: full database read (PII, password hashes), authentication bypass (login with OR '1'='1'), data modification, and command execution depending on the engine (MSSQL xp_cmdshell, MySQL FILE privileges).

Defence: parameterised queries (prepared statements), not 'quote filtering'. Proper ORM use (no .raw() or query-builder calls that concatenate input). Least privilege on the database user (don't run the web app as DBA).
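The login-bypass case and the prepared-statement fix side by side, as an added example that is not part of the original glossary entry. It uses Python's standard sqlite3 module on a constructed in-memory database (table `users`, one row); the function names `login_vulnerable`, `login_safe` and `run_demo` are assumptions for this illustration. Passwords are stored in clear text only to keep the demo short; a real application stores a slow hash.

```python
import sqlite3

# Constructed sample data: an in-memory SQLite database with a single user.
def make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, password TEXT)"
    )
    conn.execute(
        "INSERT INTO users (username, password) VALUES ('alice', 'correct-horse')"
    )
    conn.commit()
    return conn


def login_vulnerable(conn, username, password):
    # Unsafe concatenation: the user's input becomes part of the SQL text,
    # so a quote in the input changes the structure of the query.
    sql = (
        "SELECT id FROM users WHERE username = '" + username
        + "' AND password = '" + password + "'"
    )
    return conn.execute(sql).fetchone() is not None


def login_safe(conn, username, password):
    # Parameterised query: the driver binds the values as data; they are
    # never parsed as SQL, whatever characters they contain.
    sql = "SELECT id FROM users WHERE username = ? AND password = ?"
    return conn.execute(sql, (username, password)).fetchone() is not None


def run_demo():
    # Exercise both versions with a normal login and with the classic
    # OR '1'='1' payload from the Impact section (AND binds tighter than OR,
    # so the concatenated WHERE clause becomes always-true).
    conn = make_db()
    payload = "' OR '1'='1"
    return {
        "vulnerable_normal": login_vulnerable(conn, "alice", "correct-horse"),
        "vulnerable_bypass": login_vulnerable(conn, "alice", payload),
        "safe_normal": login_safe(conn, "alice", "correct-horse"),
        "safe_bypass": login_safe(conn, "alice", payload),
    }


if __name__ == "__main__":
    for name, ok in run_demo().items():
        print(f"{name}: {'logged in' if ok else 'rejected'}")
```

Running it shows the vulnerable function accepting the payload while the parameterised one rejects it; the same `?` placeholder pattern (or `%s` with psycopg, named parameters with other drivers) is what an ORM emits under the hood when it is not bypassed with raw string concatenation.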

Related terms

  • XSS
  • IDOR
  • SSRF

© 2026 BBLabs News · By Gorka El Bochi
Made in Spain