Sage Software Interview Question for Interns

Country: UK
Interview Type: In-Person

Comment hidden because of low score. Click to expand.
of 1 vote

SQL Injection: exploits the queries that do not use bind variables.

e.g. on a login page if we are directly substituting the user and password fields as below:
select 1 from users where username = '<<userinput>>' and password = '<<userpasswd>>';
a malicious user can supply the password string as
xyz ' or 'a'='a
which would be valid SQL and will always return a result.

- lakshaman February 02, 2014 | Flag Reply

Add a Comment

Writing Code? Surround your code with {{{ and }}} to preserve whitespace.


is a comprehensive book on getting a job at a top tech company, while focuses on dev interviews and does this for PMs.

Learn More


CareerCup's interview videos give you a real-life look at technical interviews. In these unscripted videos, watch how other candidates handle tough questions and how the interviewer thinks about their performance.

Learn More

Resume Review

Most engineers make critical mistakes on their resumes -- we can fix your resume with our custom resume review service. And, we use fellow engineers as our resume reviewers, so you can be sure that we "get" what you're saying.

Learn More

Mock Interviews

Our Mock Interviews will be conducted "in character" just like a real interview, and can focus on whatever topics you want. All our interviewers have worked for Microsoft, Google or Amazon, you know you'll get a true-to-life experience.

Learn More