C Sharp String Format Sql Injection
Description
Detects SQL injection vulnerabilities in C# code where SqlCommand objects are used with potentially untrusted data in query strings. This can allow attackers to manipulate SQL queries through user input, potentially leading to unauthorized database access or manipulation.
Detection Strategy
• Identifies instantiations of SqlCommand objects in C# code
• Checks if the SQL query string used in the SqlCommand contains user-controlled or untrusted input
• Analyzes data flow to determine if query parameters come from user-controlled sources like request parameters or form data
• Reports a vulnerability when a SqlCommand is constructed with a query string that includes unvalidated user input
Vulnerable code example

```csharp
using System.Data.SqlClient;
public class UserViewer
{
    public void GetUserData(string userId)
    {
        using (SqlConnection conn = new SqlConnection("connection_string"))
        {
            ...
```

✅ Secure code example
```csharp
using System.Data.SqlClient;
public class UserViewer
{
    public void GetUserData(string userId)
    {
        using (SqlConnection conn = new SqlConnection("connection_string"))
        {
            ...
```
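The two snippets above are cut off before the part the rule actually inspects. As an added example (not Fluid Attacks' code and not the page's own snippets), the following class shows the complete vulnerable pattern the rule reports beside the parameterized form it accepts. It assumes a table `Users` with columns `Id` and `Name`, and a connection string supplied by the caller; both are placeholders.

```csharp
using System;
using System.Data;
using System.Data.SqlClient;

// Added example; the table name, columns and connection string are assumed.
public class UserRepository
{
    private readonly string _connectionString;

    public UserRepository(string connectionString)
    {
        _connectionString = connectionString;
    }

    // VULNERABLE: the caller-supplied userId becomes part of the SQL text, so the
    // SqlCommand is built from a query string that includes untrusted input.
    // String concatenation and $"..." interpolation are equally affected: the
    // database server cannot tell the user's data apart from the query itself.
    public string GetUserNameUnsafe(string userId)
    {
        using (var conn = new SqlConnection(_connectionString))
        {
            string query = "SELECT Name FROM Users WHERE Id = '" + userId + "'";
            using (var cmd = new SqlCommand(query, conn))
            {
                conn.Open();
                return cmd.ExecuteScalar() as string;
            }
        }
    }

    // SECURE: the query text is a constant and the value travels as a typed
    // parameter, so the SQL sent to the server is the same whatever userId holds.
    public string GetUserNameSafe(string userId)
    {
        const string query = "SELECT Name FROM Users WHERE Id = @id";
        using (var conn = new SqlConnection(_connectionString))
        using (var cmd = new SqlCommand(query, conn))
        {
            // Declaring the type and length keeps oversized or mistyped input
            // from ever reaching the query; the driver rejects it instead.
            cmd.Parameters.Add("@id", SqlDbType.NVarChar, 64).Value = userId;
            conn.Open();
            return cmd.ExecuteScalar() as string;
        }
    }
}
```

Note that wrapping the concatenated query in a `using` block, validating `userId` by hand, or escaping quotes does not change the verdict: the rule keys on the query string being assembled from untrusted data, and only a parameterized command (or an equivalent such as a stored procedure called with parameters) removes that data from the SQL text.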