單項選擇題

一個Java程序員寫了下面一段代碼,
String artist = request.getParameter(“artist”);
String genre = request.getParameter(“genre”);
String album = request.getParameter(“album”);
Statement s = connection.createStatement();
s.executeQuery(“SELECT() FROM music WHERE artist = ‘” + artist +
‘” AND genre = ‘” + genre + ‘” AND album = ‘” + album + “’”);
請問從安全角度來說有什么問題? ()

A.存在跨站攻擊漏洞
B.存在SQL注入漏洞
C.存在任意命令執(zhí)行漏洞
D.存在跨站請求偽造漏洞


您可能感興趣的試卷