Which vulnerability can occur if a programmer does not properly validate user input and allows an attacker to include unintended SQL input that can be passed to a database?
A) Rainbow attack
B) Cross-site request forgery
C) Command injection
D) Buffer overflow

Question

Quizplus · Accepted Answer

Command injection vulnerabilities occur when an application passes unsafe user supplied data (forms, cookies, HTTP headers etc.) to a system shell. In this context, if a programmer does not properly validate user input, it can lead to SQL command injection, where attackers can manipulate SQL queries.

Which Vulnerability Can Occur If a Programmer Does Not Properly