Posts

SQL Injection – “Let’s dump the database”

What is SQL injection?

✔ SQL injection is a code injection technique that uses malicious SQL code to access information that was not intended to be displayed. It can be used to obtain unauthorized access to the underlying data, the database structure, and the DBMS itself.

✔ SQL injection attacks are among the oldest, most prevalent, and most dangerous web application vulnerabilities. OWASP lists injection as the number 1 risk in the OWASP Top 10 2017.

✔ An SQL injection vulnerability occurs when the application builds a query from user input and sends it to the interpreter without sanitizing or parameterizing it, so the input can alter the query the database executes. SQL queries are used to execute commands such as data retrieval, updates, and record removal.

Types of SQL injection attacks:

SQL injection can be classified into three major categories:

In-band SQL injection
Inferential SQL injection
Out-of-band SQL injection

1) In-band SQL injections

When the attacker uses the same communication c
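The following is an added example, not code from the original post: it shows the two mechanisms the text describes, an authentication bypass that comments out the password check and an in-band UNION injection that dumps a second table's column through the normal search response, each beside its parameterized fix. The table, rows, session-free login function, and attacker payloads are all constructed for the demonstration (SQLite in memory; plaintext passwords only so the dump is visible).

```python
import sqlite3


def make_db():
    """Build a small in-memory SQLite database with constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, password TEXT)"
    )
    # Constructed sample data; plaintext passwords only so the dump is visible.
    conn.executemany(
        "INSERT INTO users (username, password) VALUES (?, ?)",
        [("alice", "s3cret"), ("bob", "hunter2")],
    )
    return conn


def login_vulnerable(conn, username, password):
    """Splices user input into the query text, so the input is parsed as SQL."""
    sql = (
        f"SELECT id FROM users WHERE username = '{username}' "
        f"AND password = '{password}'"
    )
    return conn.execute(sql).fetchall()


def login_safe(conn, username, password):
    """Parameterized query: input is bound as data and never parsed as SQL."""
    sql = "SELECT id FROM users WHERE username = ? AND password = ?"
    return conn.execute(sql, (username, password)).fetchall()


def search_vulnerable(conn, term):
    """In-band (UNION-based) target: injected rows come back in the normal response."""
    sql = f"SELECT username FROM users WHERE username LIKE '%{term}%'"
    # UNION output order is not guaranteed, so sort for a deterministic result.
    return sorted(row[0] for row in conn.execute(sql).fetchall())


def search_safe(conn, term):
    """Same search with the whole LIKE pattern passed as a bound parameter.

    Note that % and _ inside the parameter are still LIKE wildcards; that is a
    matching quirk, not an injection, because the bound value cannot add SQL.
    """
    sql = "SELECT username FROM users WHERE username LIKE ?"
    return sorted(row[0] for row in conn.execute(sql, (f"%{term}%",)).fetchall())


# Constructed attacker inputs.
AUTH_BYPASS = "' OR 1=1 --"  # closes the string, adds a true clause, comments out the rest
DUMP_PAYLOAD = "%' UNION SELECT password FROM users --"  # appends a second SELECT

if __name__ == "__main__":
    db = make_db()
    print(login_vulnerable(db, AUTH_BYPASS, "anything"))  # [(1,), (2,)]
    print(login_safe(db, AUTH_BYPASS, "anything"))  # []
    print(search_vulnerable(db, DUMP_PAYLOAD))  # ['alice', 'bob', 'hunter2', 's3cret']
    print(search_safe(db, DUMP_PAYLOAD))  # []
```

The vulnerable login ends up executing `SELECT id FROM users WHERE username = '' OR 1=1 --' AND password = 'anything'`; everything after `--` is a comment, so the password predicate is gone and every row matches. The UNION payload works because the injected SELECT has the same number of columns as the original, which is why an attacker probes column counts first. With bound parameters the same strings are just values compared against the column, and neither query returns anything.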
What is access control?

Access control is a security technique used to regulate who (or what) can perform attempted actions or access resources in a computing environment. In the context of web application security, it determines whether the user is allowed to carry out the action they are attempting to perform. Synonym: authorization.

Basically, access control enforces a policy under which users cannot act outside their intended permissions. It relies on authentication (establishing who the user is) and session management (tying each request to that identity).

Broken Access Control:

Access controls are designed to regulate user privileges. Failures typically cause unauthorized information disclosure, modification or destruction of data, or performing a business function outside the user's privilege; this is known as "Broken Access Control" or "Privilege Escalation".

Broken Access Control ranks 5th (A5) in the OWASP Top 10 2017. Broken access control can usually be encountered in any application and these
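As an added example that is not part of the original post, the handlers below show the dependency the text describes: authentication and session management tell the server who is calling, but the access-control decision is a separate check that the handler has to make. The first handler authenticates and then returns whatever invoice id the client asks for (horizontal privilege escalation); the second compares the record's owner with the session's user, and a third gates a privileged delete on a server-side role. The invoice records, session tokens, roles, and HTTP-style status codes are all constructed for the demonstration.

```python
from dataclasses import dataclass


@dataclass
class Invoice:
    id: int
    owner: str
    total: int


# Constructed sample state standing in for a database, a session store
# and a role table.
INVOICES = {
    1: Invoice(id=1, owner="alice", total=120),
    2: Invoice(id=2, owner="bob", total=80),
}
SESSIONS = {"tok-alice": "alice", "tok-bob": "bob", "tok-admin": "carol"}
ROLES = {"alice": "user", "bob": "user", "carol": "admin"}


def current_user(session_token):
    """Authentication step: map a session token to a user, or None."""
    return SESSIONS.get(session_token)


def get_invoice_broken(session_token, invoice_id):
    """Authenticates the caller but never checks who owns the invoice.

    Any logged-in user can read any invoice just by changing the id.
    """
    if current_user(session_token) is None:
        return 401, None
    inv = INVOICES.get(invoice_id)
    return (200, inv) if inv else (404, None)


def get_invoice_checked(session_token, invoice_id):
    """Authorization step: the record must belong to the session's user."""
    user = current_user(session_token)
    if user is None:
        return 401, None
    inv = INVOICES.get(invoice_id)
    # Missing and foreign records get the same answer so the check does
    # not leak which ids exist.
    if inv is None or inv.owner != user:
        return 403, None
    return 200, inv


def delete_invoice_checked(session_token, invoice_id):
    """Privileged operation: the role comes from the server-side table,
    never from a flag or parameter the client supplied."""
    user = current_user(session_token)
    if user is None:
        return 401, None
    if ROLES.get(user) != "admin":
        return 403, None
    if INVOICES.pop(invoice_id, None) is None:
        return 404, None
    return 204, None


if __name__ == "__main__":
    print(get_invoice_broken("tok-bob", 1))  # (200, alice's invoice)
    print(get_invoice_checked("tok-bob", 1))  # (403, None)
    print(delete_invoice_checked("tok-bob", 2))  # (403, None)
    print(delete_invoice_checked("tok-admin", 2))  # (204, None)
```

The check lives next to the data access rather than in the UI: hiding a link or a button does nothing if the handler still serves the record. Returning the same 403 for "not yours" and "does not exist" is a deliberate choice so that an attacker enumerating ids learns nothing from the response code.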