1,105,288 Community Members

MS Access - Is it Vulnerable to Injection

Member Avatar
Octet
Posting Pro
579 posts since Nov 2011
Reputation Points: 45 [?]
Q&As Helped to Solve: 53 [?]
Skill Endorsements: 16 [?]
Featured
Sponsor
 
1
 

Hello DaniWeb,

I personally work with SQL databases for web development work however I need to learn about Access databases for some upcoming AS Level exams. I asked my teacher, whether Access was vulnerable to Injection attacks and she looked at me with a quizical expression on her face so after trying to explain to her in two sentences as not to waste time what an SQL Injection attack was she replied saying,

'I don't have SQL turned on'.

Considering she is a web designer part time, I would of expected her to know what an Injection attack was but that is besides the point, I never recieved a straight answer to the question.

As in SQL, you can inject malicious code through a poorly designed form and this can be executed alongside the original query, can the same be done in Access?

Thank you

Member Avatar
JorgeM
IT Addict
6,379 posts since Dec 2011
Reputation Points: 567 [?]
Q&As Helped to Solve: 953 [?]
Skill Endorsements: 172 [?]
Moderator
Featured
Sponsor
 
1
 

I am by far a sql injection expert, but from my understanding and experience, the vulnerability is not really SQL related. The issue is with the way you collect the user input and pass that input within the query sent to your sql data source. So i would say yes.

Member Avatar
adam_k
Veteran Poster
1,056 posts since Jun 2011
Reputation Points: 239 [?]
Q&As Helped to Solve: 212 [?]
Skill Endorsements: 17 [?]
 
0
 
Member Avatar
Octet
Posting Pro
579 posts since Nov 2011
Reputation Points: 45 [?]
Q&As Helped to Solve: 53 [?]
Skill Endorsements: 16 [?]
Featured
Sponsor
 
0
 

As always JorgeM, thanks for the rapid response.

Question Answered as of 1 Year Ago by adam_k and JorgeM
You
This question has already been solved: Start a new discussion instead
Post:
Start New Discussion
Tags Related to this Article