Member Avatar for Octet

Hello DaniWeb,

I personally work with SQL databases for web development work however I need to learn about Access databases for some upcoming AS Level exams. I asked my teacher, whether Access was vulnerable to Injection attacks and she looked at me with a quizical expression on her face so after trying to explain to her in two sentences as not to waste time what an SQL Injection attack was she replied saying,

'I don't have SQL turned on'.

Considering she is a web designer part time, I would of expected her to know what an Injection attack was but that is besides the point, I never recieved a straight answer to the question.

As in SQL, you can inject malicious code through a poorly designed form and this can be executed alongside the original query, can the same be done in Access?

Thank you

  • 3 Contributors
  • 3 Replies
  • 258 Views
  • 30 Minutes Discussion Span
  • Latest Post Latest Post by Octet

Recommended Answers

All 3 Replies

Member Avatar for JorgeM

I am by far a sql injection expert, but from my understanding and experience, the vulnerability is not really SQL related. The issue is with the way you collect the user input and pass that input within the query sent to your sql data source. So i would say yes.

Member Avatar for Octet

As always JorgeM, thanks for the rapid response.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.