codemapoest. 2024

BlogBLOG RoadmapROADMAP UtilityUTILITY ProjectsPROJECTS AboutABOUT

© codemapo · est. 2024

All rights reserved.

HOME/BLOG/Y · SECURITY/Y·06

Y·06SECURITY2025.07.151 MIN READ

My Database Was Wiped Out Because of a Single Quote (SQL Injection)

내 DB가 점 하나(') 때문에 털렸다 (SQL Injection)

How I lost my data due to a simple SQL Injection. Why Prepared Statements are the only silver bullet and if ORMs are truly safe.

c

codemapo

INTERDISCIPLINARY DEV · SEOUL

10. References

#Security #Database #Backend #Hacking

← Back to List

▸ COORDINATE

Y·06

SECURITY · 06

▸ NEXT IN Y-AXIS

CSP (Content Security Policy): The Header That Blocks XSS at the Source

OWASP Top 10 (2025): Complete Web Security Threats Overview

SSRF: Server-Side Request Forgery

▸ AUTHOR

c

codemapo

8y planning → engineer

Crossed from 8y in planning & sales into code. Interested in the joints between things.

RELATED · NEARBY COORDINATESALL IN Y-AXIS →

Y·132026.04.02

CSP (Content Security Policy): The Header That Blocks XSS at the Source

CSP is the last line of defense that stops XSS scripts from executing even if injected. Directive syntax, nonce approach, Next.js config, and a safe rollout strategy — all covered.

Y·122026.04.01

OWASP Top 10 (2025): Complete Web Security Threats Overview

From injection and broken auth to XSS and the newest threats — OWASP Top 10 broken down with real code examples and practical mitigations for each vulnerability.

Y·112025.08.23

SSRF: Server-Side Request Forgery

Understanding SSRF attack principles and defense methods through practical experience