top button
Flag Notify
    Connect to us
      Site Registration

Site Registration

Is it possbile to write files with MySQL via SQL injection?

+2 votes
471 views
Is it possbile to write files with MySQL via SQL injection?
posted Apr 27, 2016 by Shivam Kumar Pandey

Share this question
Facebook Share Button Twitter Share Button LinkedIn Share Button

1 Answer

0 votes

It's possible, especially with suitably careless configuration.

For example, there is SELECT ... INTO OUTFILE 'file_name'

But it's also more likely to be a different security problem. I'd seriously consider taking the software offline quickly, especially if the database contains any confidential or private information,,
reference-http://stackoverflow.com/questions/1579160/is-it-possbile-to-write-files-with-mysql-via-sql-injection

answer Apr 27, 2016 by Devendra Bohre
...