all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

From Prompt Injections to SQL Injection Attacks: How Protected is Your LLM-Integrated Web Application?. (arXiv:2308.01990v1 [cs.CR])

Add to bookmarks
Aug. 7, 2023, 1:10 a.m. | Rodrigo Pedro, Daniel Castro, Paulo Carreira, Nuno Santos

cs.CR updates on arXiv.org arxiv.org

Large Language Models (LLMs) have found widespread applications in various
domains, including web applications, where they facilitate human interaction
via chatbots with natural language interfaces. Internally, aided by an
LLM-integration middleware such as Langchain, user prompts are translated into
SQL queries used by the LLM to provide meaningful responses to users. However,
unsanitized user prompts can lead to SQL injection attacks, potentially
compromising the security of the database. Despite the growing interest in
prompt injection vulnerabilities targeting LLMs, the specific …

application applications attacks chatbots domains human injection injection attacks integration langchain language language models large llm llms middleware natural language prompts sql sql injection web web application web applications

Visit resource

More from arxiv.org / cs.CR updates on arXiv.org

Causal Inference with Differentially Private (Clustered) Outcomes 19 hours ago | arxiv.org
algorithm arxiv cs.cr cs.lg +12
An artificial neural network approach to finding the key length of the Vigen\`{e}re cipher 19 hours ago | arxiv.org
accuracy article artificial arxiv +9
Generic Selfish Mining MDP for DAG Protocols 19 hours ago | arxiv.org
analysis arxiv bitcoin breaking +15
Tight Differential Privacy Guarantees for the Shuffle Model with $k$-Randomized Response 19 hours ago | arxiv.org
algorithms arxiv cs.cr data +14
Succinct arguments for QMA from standard assumptions via compiled nonlocal games 19 hours ago | arxiv.org
argument arxiv building crypto +8
On Training a Neural Network to Explain Binaries 19 hours ago | arxiv.org
aid arxiv binary code +15
Transferring Troubles: Cross-Lingual Transferability of Backdoor Attacks in LLMs with Instruction Tuning 19 hours ago | arxiv.org
arxiv attacks backdoor backdoor attacks +14
Leveraging Label Information for Stealthy Data Stealing in Vertical Federated Learning 19 hours ago | arxiv.org
arxiv attack attacks cs.cr +16
An Extensive Survey of Digital Image Steganography: State of the Art 19 hours ago | arxiv.org
adoption art arxiv attention +21

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Azure DevSecOps Cloud Engineer II

@ Prudent Technology | McLean, VA, USA
View on infosec-jobs.com

Security Engineer III - Python, AWS

@ JPMorgan Chase & Co. | Bengaluru, Karnataka, India
View on infosec-jobs.com

SOC Analyst (Threat Hunter)

@ NCS | Singapore, Singapore
View on infosec-jobs.com

Managed Services Information Security Manager

@ NTT DATA | Sydney, Australia
View on infosec-jobs.com

Senior Security Engineer (Remote)

@ Mattermost | United Kingdom
View on infosec-jobs.com

Penetration Tester (Part Time & Remote)

@ TestPros | United States - Remote
View on infosec-jobs.com
View more jobs