| TIP: Click on subject to list as thread! | ANSI |
| echo: | |
|---|---|
| to: | |
| from: | |
| date: | |
| subject: | Re: Pi Hardware |
The Natural Philosopher writes: > Andy Burns wrote: >> Can I smuggle a single-quote and a semicolon into the $_POST[] >> array, so that you concatenate it onto your query string thinking >> it's merely a value? Yes I can. > > no. Try it What do you think will stop it? As far as I can see you have an absolutely standard SQL injection vulnerability. -- https://www.greenend.org.uk/rjk/ --- SoupGate-Win32 v1.05* Origin: Agency HUB, Dunedin - New Zealand | FidoUsenet Gateway (3:770/3) |
|
| SOURCE: echomail via QWK@docsplace.org | |
Email questions or comments to sysop@ipingthereforeiam.com
All parts of this website painstakingly hand-crafted in the U.S.A.!
IPTIA BBS/MUD/Terminal/Game Server List, © 2025 IPTIA Consulting™.