
SQL injections with NoSQL databases?

I am using MongoDB currently, and I am wondering what measures we should take to ensure that any data that could cause problems isn't stored. I believe that normal PHP functions like mysql_escape_string aren't going to help here...

Are there SQL injections for NoSQL databases, and especially MongoDB?
If so, what can we do to protect ourselves from them?

Industrial asked Sep 07 '10 10:09




1 Answer

See MongoDB's documentation:

Generally, with MongoDB we are not building queries from strings, so traditional SQL Injection attacks are not a problem.

There are other issues to be aware of, so it's worth giving that page a read.

Dominic Rodger answered Sep 23 '22 03:09
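
Because a MongoDB filter is a structured document rather than a string, the check that matters in PHP is on the type of each value, not on escaping: PHP parses bracketed request parameters into arrays, and an array placed in a filter is read as an operator document instead of a literal value. The following is an added example, not code from the answer or from MongoDB's documentation; the helper names `require_string` and `build_user_filter`, the `username` field and the sample inputs are assumptions made for illustration.

```php
<?php
declare(strict_types=1);

/**
 * Return $input[$key] only if it is a plain string.
 * PHP turns a bracketed request parameter (name[...]=value) into an array,
 * and an array placed in a MongoDB filter is read as an operator document,
 * not as a literal value to compare against.
 * (Hypothetical helper written for this example.)
 */
function require_string(array $input, string $key, int $maxLen = 256): string
{
    if (!array_key_exists($key, $input) || !is_string($input[$key])) {
        throw new InvalidArgumentException("$key must be a single string value");
    }
    if ($input[$key] === '' || strlen($input[$key]) > $maxLen) {
        throw new InvalidArgumentException("$key has an invalid length");
    }
    return $input[$key];
}

/**
 * Build the filter as a structured document. The value is bound as data,
 * so there is no query string to escape.
 * (Hypothetical helper; the 'username' field is an assumed schema.)
 */
function build_user_filter(array $input): array
{
    return ['username' => require_string($input, 'username')];
}

// Constructed sample inputs, shaped like $_GET / $_POST after PHP parsing.
$samples = [
    'plain string'  => ['username' => "o'brien"],
    'array value'   => ['username' => ['$ne' => '']],
    'missing field' => [],
];

foreach ($samples as $label => $input) {
    try {
        $filter = build_user_filter($input);
        // With a driver, $filter would be passed to the collection's find call.
        echo $label, ': accepted ', json_encode($filter), PHP_EOL;
    } catch (InvalidArgumentException $e) {
        echo $label, ': rejected (', $e->getMessage(), ')', PHP_EOL;
    }
}
```

The string containing a quote character is accepted unchanged, since it is only ever compared as a value; the array-valued input is rejected before it can reach the query.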