2 Replies - 9831 Views - Last Post: 15 April 2011 - 12:14 AM

#1 CTphpnwb

Here's why you should worry about SQL injection attacks

Posted 03 April 2011 - 07:11 AM

For those of you who "just want to get it working" here's something to think about:
http://money.cnn.com...amoon/index.htm
If those sites had done simple things like scrub their user input or use PDO, lizamoon wouldn't be a news story.

Replies To: Here's why you should worry about SQL injection attacks

#2 Jstall

Re: Here's why you should worry about SQL injection attacks

Posted 03 April 2011 - 11:24 AM

Yup, totally avoidable loss brought about in part by lazy/second-rate developers. That's what $5/hr for a dev will get you :P

This post has been edited by Jstall: 03 April 2011 - 11:25 AM


#3 creativecoding

Re: Here's why you should worry about SQL injection attacks

Posted 15 April 2011 - 12:14 AM

I have this directory where I just write random scripts that come to mind. They never are completed. It's like a scrapyard in there. So I was basically writing a script for uploading and managing files. I thought that nobody even visited my site so I never bothered to check the file size/file extension. A while ago, I was looking through my files to see what I should port over to my new server, and I found two new files! Apparently, some script kiddy got his hands on some hacks and uploaded it to my server. The script itself did nothing more than viewing a few secret docs I couldn't care less about (the best it had was a list of every username within my host server). I immediately deleted the files.