What is the main difference between a “Normal” SQL Injection and a “Blind” SQL Injection
vulnerability?
vulnerability?
A.
The request to the web server is not visible to the administrator of the vulnerable application.
The request to the web server is not visible to the administrator of the vulnerable application.
B.
The attack is called “Blind” because, although the application properly filters user input, it is still
vulnerable to code injection.
The attack is called “Blind” because, although the application properly filters user input, it is still
vulnerable to code injection.
C.
The successful attack does not show an error message to the administrator of the affected
application.
The successful attack does not show an error message to the administrator of the affected
application.
D.
The vulnerable application does not display errors with information about the injection results to
the attacker.
The vulnerable application does not display errors with information about the injection results to
the attacker.
No comments:
Post a Comment