The Web Application Hacker’s Handbook Discovering and Exploiting Security Flaws

Oracle:

ORA-00907: missing right parenthesis

MS-SQL:

N/A

MySQL:

You have an error in your SQL syntax.  Check

the manual that corresponds to your MySQL

server version for the right syntax to use

near ‘’ at line 1

Translation:

Your SQL injection attempt has worked, but the injection point

was inside parentheses ( ). You probably commented out the

closing parenthesis with injected comment characters 

--

.

Oracle:

ORA-00900: invalid SQL statement

MS-SQL:

Msg 170, Level 15, State 1, Line 1

Line 1: Incorrect syntax near foo

MySQL:

You have an error in your SQL syntax.  Check

the manual that corresponds to your MySQL

server version for the right syntax to use

near XXXXXX

Translation:

A general error message. The error messages listed previously

all take precedence, so something else went wrong. It’s likely

you can try alternative input and get a more meaningful

message.

Oracle:

ORA-03001: unimplemented feature

MS-SQL:

N/A

MySQL:

N/A

Translation:

You have tried to perform an action that Oracle does not

allow. This can happen if you were trying to display the

database version string from 

v$version

but you were in an

UPDATE

or 

INSERT

query.

Oracle:

ORA-02030: can only select from fixed

tables/views

MS-SQL:

N/A

MySQL:

N/A

Translation:

You were probably trying to edit a 

SYSTEM

view. This can

happen if you were trying to display the database version

string from 

v$version

but you were in an 

UPDATE

or

INSERT

query

Download 5,76 Mb.

Do'stlaringiz bilan baham: