EC-Council

312-50V9 Question #104: Real Exam Question with Answer & Explanation

The correct answer is B: SQL injection. Suspicious entries in the web server log targeting login.php indicate SQL injection, the most common vulnerability in authentication scripts that concatenate user input directly into SQL queries.

Question

A security administrator notices that the log file of the company's webserver contains suspicious entries (see the exhibit). Based on source code analysis, the analyst concludes that the login.php script is vulnerable to

Exhibit

[Image: 312-50V9 question #104 exhibit]

Options

  • A. command injection.
  • B. SQL injection.
  • C. directory traversal.
  • D. LDAP injection.

Explanation

Suspicious entries in the web server log targeting login.php indicate SQL injection, the most common vulnerability in authentication scripts that concatenate user input directly into SQL queries.

Common mistakes.

  • A. Command injection requires the application to pass user input to an operating system shell function, which is unrelated to database authentication logic in login.php.
  • C. Directory traversal exploits insufficient path validation to access files outside the web root using sequences like '../', not login form parameters.
  • D. LDAP injection manipulates LDAP queries and would require the application to use an LDAP directory for authentication rather than a SQL database.

Concept tested. SQL injection in authentication scripts

Reference. https://owasp.org/www-community/attacks/SQL_Injection
