Tipo de
ataques contra servidores en red. Consisten en introducir caracteres extraños
en las peticiones para abusar de programas poco robustos en el lado servidor.
El ánimo es sortear los controles de datos de entrada para llegar a ejecutar
tareas no permitidas.
An attack technique used to
exploit web sites by sending in meta-characters, which have special meaning to
a web application, as data input. Meta-characters are characters that have
special meaning to programming languages, operating system commands, individual
program procedures, database queries, etc. These special characters can
adversely alter the behavior of a web application.
http://www.webappsec.org/projects/glossary/