Re: [GENERAL] When to encrypt

2004-12-05 Thread Derek Fountain
On Monday 06 December 2004 12:31, you wrote:
> Derek Fountain <[EMAIL PROTECTED]> writes:
> > If another SQL Injection vulnerability turns up (which it might, given
> > the state of the website code),
>
> You will never see another SQL injection vulnerability if you simp

[GENERAL] When to encrypt

2004-12-05 Thread Derek Fountain
A customer of mine recently asked me to try a penetration test on his website, and I found a nice SQL Injection vulnerability. Using that vuln I was able to wander round his DB at will, viewing customer information, user logins, passwords, the lot. He asked me to make some recommendations, of wh