Data Harvesting SQL injections are a way of attacking a data driven SQL based application, and tricking it into sending the attacker data from the database. During this type of attack the database
engine is tricked into running extra commands that are usually added on to legitimate SQL queries and stored procedures. This extra code harvests data from the database and sends it to the attacker. The extra SQL commands are usually added to a query
sent from a client application that needs to receive data. Usually a compromised web browser application. See: OWASP Top Ten
Progress, Telerik, Ipswitch, Chef, Kemp, Flowmon, MarkLogic, Semaphore and certain product names used herein are trademarks or registered trademarks of Progress Software Corporation and/or one of its subsidiaries or affiliates in the U.S. and/or other countries. See
Trademarks for appropriate markings.