Browse by Tag

blog blog archive categories code css database database security databases development exploit flat guitar hosting injection internet javascript Links linux menu mysql MySQL Security mysql shell new news oracle password php php mysql security programming rails really simple syndication registerwidget search security seo server software sql sql injection table technology update users utf vulnerability web widgetinfo widgetmanager wordpress xml

0×000000 # The Hacker Webzine : Massive SQL Injection Attack on MS …

2) MS SQL “allows query stacking by separating the queries” which confirms the exploit. What? Is this like allowing multiple queries with a semicolon? But MySql and Postgresql do that as well, unless you use a “prepare” statment. …
blog database …

Read the original here:
0×000000 # The Hacker Webzine : Massive SQL Injection Attack on MS …

attack day day macha humour macha mysql politics powered by tumblr server from what sql technology tumblr workattack, day, day macha, humour, macha, mysql, politics, powered by tumblr, server from what, sql, technology, tumblr, work

RailsConf Europe 2007: Day Three

no strip_tags (you can go around and still inject some code) - use sanitize, SafeERB plugin SQL Injection - Unauthorized reading (without using [] in finds) - Needs ‘, ” or nil + line break - Conditions hash Interpreter Injection …
programming red hat security updates slaptijack softwareprogramming, red …

See the original post here:
RailsConf Europe 2007: Day Three

apple blog day mac news newton gra2 com opinion programming rails ruby technology windowsapple, blog, day, mac, news, newton gra2 com, opinion, programming, rails, ruby, technology, windows