titaniumbunker.com

Evil geniuses and world domination are 2 of our goals... we also like Dr Who

Erm – something’s wrong here @smiffysuk

no comment

So searching for “Plumber Costume” revealed this.  Al that “Select” stuff – That’s SQL – or the query language used to look up things from Databases.  This isn’t great because I can deduce some of the storage architecture – but it doesn’t seem to be pasting the term Plumber Costume into the SQL that’s executed.  If it did include that then there is the possibility that this site would be vulnerable to something called a SQL injection attack.  It’s a bit worrying that the content passed in the search bar is printed – which may be a different vulnerability…

Not sure I should be seeing all that juicy SQL Smiffy…

Tags:

Comments are closed.



Categories

Archives

Tags