RSS FullRecent Posts
- Wednesday's security updates
- The Top 10 Open-Source CRM Solutions
- New SQL Injection Concept (Comments, 9e999, MySQL Specific)
- the reason I am bald with DPNs protruding from my eyes.
- Web site security testing
Recent Comments
- luca on XSS in mysql_error()
- Jacob Tuscon on SQL Power Injector 1.2 released - TechRepublic
- MySQL Security » MySQL Security Update Fixes Restrictions Bypass and Library … on MySQL Security Update Fixes Restrictions Bypass and Library ...
dsa-1557-1.txt
Filed under mysql-attacks
The PHP session data file stored the username and password of a logged in user, which in some setups can be read by a local user. Cross site scripting and SQL injection were possible by attackers that had permission to create cookies in …
application applications covers database databases developing event mysql nusphere portal sample security topics tuningapplication, applications, covers, database, databases, developing, event, mysql, nusphere, portal, sample, security, topics, tuning
Read more from the original source:
dsa-1557-1.txt
Related Posts
- Protecting against SQL injection (PHP/MySQL)
- MSSQL injection
- http://pastebin.org/8744
- Pro Active Record: Databases with Ruby and Rails
- DBAudit version 3.2 - Auditing solution for databases -
April 24th, 2008.
Leave a Comment