You are conducting a penetration test on a web application recently purchased by the HR department of your employer. You find that when creating a new user account in the Web UI you can delete data from the database by entering '; DROP TABLE Users' into the field for the user account. What type of vulnerability have you discovered?

  • SQL injection
  • Request forgery
  • Drop database vulnerability
  • XML Injection

CompTIA Security+ SY0-601
  • Attacks, Threats, and Vulnerabilities
    • This question is filed here
  • Architecture and Design
  • Implementation
  • Operations and Incident Response
  • Governance, Risk, and Compliance