#sqlsecurity — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #sqlsecurity, aggregated by home.social.
-
What's wrong with this SQL IN clause?
What's wrong with this SQL IN clause in a permissions check? The SQL code builds an IN list from user input without parameterization. In SQL services this enables injection and data leaks.
#whatswrongwiththissqlquery #sqlbug #sqlproductionbug #sqldebugging #sqldatabase #sqlcodereview #sqlperformance #sqlreliability #sqlanalytics #sqldataintegrity #sqlengineering #sqlinjection #sqlinclause #sqlsecurity #sqlper...
-
What's wrong with this SQL order by?
What's wrong with this SQL order by in a search endpoint? The SQL code interpolates a user-supplied sort field, enabling injection. In SQL backends this exposes data and crashes queries.
#whatswrongwiththissqlquery #sqlbug #sqlproductionbug #sqldebugging #sqldatabase #sqlcodereview #sqlperformance #sqlreliability #sqlanalytics #sqldataintegrity #sqlengineering #sqlinjection #sqlorderby #sqlquery #sqlsecurity