ApEx:SQL injection

From OWASP
Jump to: navigation, search

Don't use substitution variables & but bind variables :

References

At KScope 2013, a presentation was given about SQL Injection in Oracle APEX applications. The two demonstrations given during this presentation are available as videos: