[Serusers] sql injection

Joao Pereira joao.pereira at fccn.pt
Tue Mar 1 18:40:36 CET 2005


Hello,
I just noticed that SER and its SQL modules aren't SQL injection free. I
mean, they are vulnerable to the input of bad words (drop, remove,
insert,...) or the existence of the character " ' ". Is there any SER
version that's free from it? Or do I have to change and recompile my SER
code?

Thanks
Joao



