1

My app has an input field that is used as a source for an HTML and PDF file.

I also store this input in my database.

My question is: Is it possible to somehow write something in the text field which would then give data away or even possibly harm my database?

The content itself doesn't really query anything, as it is just stored.

I do not know how to protect my data storage from potential attacks, and I would like to learn how to verify that my application is not vulnerable to (potential) attacks.

2
  • You've tagged this with SQLi, so it appears that you already know the dangers. So, your title ("are there attacks") doesn't match your body ("how do I test"). What is it that you want to know? Commented Oct 27, 2023 at 7:55
  • We can't tell you how to perform SQLi testing in a Q&A site. And we can't tell you what specific issues your app might have. Commented Oct 27, 2023 at 7:56

1 Answer

0

I would recommend reviewing the recommendations on OWASP's SQL prevention guide here.

Without knowing more about the application or infrastructure, OWASP would be your best bet to evaluate your code.
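An added example, not part of the answer above or of the asker's application: the primary defence in OWASP's guidance is the parameterized query, shown here beside the string-concatenated form, with the stored text HTML-encoded when it is rendered. Python with `sqlite3`, the `notes` table and all function names are assumptions, since the question does not state its stack.

```python
import html
import sqlite3

# Constructed sample input: a quote, an SQL comment marker and HTML markup.
SAMPLE = "O'Brien <b>notes</b> -- end"


def open_db():
    """In-memory database standing in for the app's storage (hypothetical schema)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE notes (id INTEGER PRIMARY KEY, body TEXT NOT NULL)")
    return db


def store_concatenated(db, text):
    """Fragile form: the input is spliced into the SQL text itself."""
    db.execute("INSERT INTO notes (body) VALUES ('" + text + "')")


def store_parameterized(db, text):
    """Hardened form: the input travels as a bound value, never as SQL."""
    cur = db.execute("INSERT INTO notes (body) VALUES (?)", (text,))
    return cur.lastrowid


def render_html(db, note_id):
    """Encode the stored text at the point where it is placed into HTML."""
    row = db.execute("SELECT body FROM notes WHERE id = ?", (note_id,)).fetchone()
    return "<p>" + html.escape(row[0]) + "</p>"


def check(text=SAMPLE):
    """Return (concatenated_broke, stored_verbatim, rendered_html)."""
    db = open_db()
    try:
        store_concatenated(db, text)
        broke = False
    except sqlite3.Error:
        broke = True  # the quote in the input changed the statement's structure
    note_id = store_parameterized(db, text)
    row = db.execute("SELECT body FROM notes WHERE id = ?", (note_id,)).fetchone()
    return broke, row[0] == text, render_html(db, note_id)


if __name__ == "__main__":
    print(check())
```

A statement that fails or changes shape when the input contains a quote is the sign that the input is being treated as SQL rather than as data; the bound-parameter form stores the same text byte for byte.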
