1. Prevention against SQL Injection in Hibernate (stackoverflow.com): I have used hibernate to interact with my database, now I wanted to make my database layer secure against SQL Injection, so I did some research I found ...
2. Detecting Injection in Hibernate (stackoverflow.com): I'm using Hibernate and I want to prevent injections into Hibernate prepared statements. Is there a straightforward way to do this? Regards, Hamed. Let me rephrase my problem. :-) I have a lot of queries ...
3. Hibernate 3 SQL Injection Attack possible on this kind of code? (coderanch.com)
4. sql injection attack (forum.hibernate.org): A few days back there was an audit and the report was the application was vulnerable to sql injection attack, we query the database by calling List result = session.createQuery("from LoginInfo where loginName = :loginName and password is null") .setString("loginName", info.getLoginName()) .list(); I ran some tests and could not find anything, can anyone please help me in understanding why it's broken and ...
5. Malicious SQL injection (forum.hibernate.org)
6. sql injection (forum.hibernate.org): Hi, I tried to test if my application (which is based upon hibernate) is safe against sql injection. OK, nothing happened, but maybe I don't have the cleverness of a hacker and he could do it... Do you know how secure hibernate is and what I could do? Somewhere I read prepared statements could protect. Thanks and kind regards, jazz
7. Hibernate and Security (SQL Injection) (forum.hibernate.org): Greetings, I've successfully used hibernate on a few projects, and well, it's almost about to happen again. Thanks for the great work (and making my life easier), you already know how great hibernate is, so I won't say it again! :) My current client has a very strict security review for all applications before they go into production. We deal with ...
8. verify - no SQL Injection attacks (forum.hibernate.org)
9. Design problem: need to inject extra sql statements / transp (forum.hibernate.org): Hi, I would like to have your input on the following problem: I need to retrieve data from the database which all have a common sql suffix. The common suffix part is used to retrieve data that passes the permission / security suffix. So for example (simplified) I need to do the following: select * from tableA where
10. preventing SQL injection attacks (forum.hibernate.org): Hi, We use HQL for generating queries in our code and recently a user asked about SQL injection attacks. I was wondering if there was any kind of useful method I could pass my user input to before doing the HQL that could transform quotes/parse out sql commands, etc. to make my life easier. I understand that in general every ...
11. does Hibernate guard against SQL injection? (forum.hibernate.org)
12. SQL Injection safe code? (forum.hibernate.org): public List getAllItemsForList(Long list) { Query q = getSession().createQuery("from ListItem li where li.listId = :pListId order by sortorder asc"); q.setLong("pListId", list.longValue()); List items = q.list(); log.debug("[getAll] returning list of size " + items.size()); ...