 |
|
 |
 |
Menu |
 |
|
 Home |
| |
|
 Discussions |
| |
|
 Tools |
| |
|
| Affiliates |
| |
|
 Content |
| |
|
 Info |
| | |
|
|
|
|
|
User Info |
|
 Membership:
 Latest: MichaelSnaRe
 New Today: 0
 New Yesterday: 0
 Overall: 9144
 People Online:
 Visitors: 267
 Members: 0
 Total: 267
|
|
|
|
|
|
Full disclosure |
|
CyberDanube Security Research 20251014-0 | Multiple Vulnerabilities in Phoenix Contact QUINT4 UPS
apis.google.com - Insecure redirect via __lu parameter(exploited in the wild)
Urgent Security Vulnerabilities Discovered in Mercku Routers Model M6a
Re: Security Advisory: Multiple High-Severity Vulnerabilities in Suno.com (JWT Leakage, IDOR, DoS)
Security Advisory: Multiple High-Severity Vulnerabilities in Suno.com (JWT Leakage, IDOR, DoS)
[SBA-ADV-20250730-01] CVE-2025-39664: Checkmk Path Traversal
[SBA-ADV-20250724-01] CVE-2025-32919: Checkmk Agent Privilege Escalation via Insecure Temporary Files
CVE-2025-59397 - Open Web Analytics SQL Injection
Re: [FD]Full Disclosure: CVE-2025-31200 & CVE-2025-31201 – 0-Click iMessage Chain ? Secure Enclave Key Theft, Wormable RCE, Crypto Theft
Re: Full Disclosure: CVE-2025-31200 & CVE-2025-31201 – 0-Click iMessage Chain ? Secure Enclave Key Theft, Wormable RCE, Crypto Theft
Re: Defense in depth -- the Microsoft way (part 93): SRP/SAFERwhitelisting goes black on Windows 11
Re: [FD]: "Glass Cage" – Zero-Click iMessage ? Persistent iOS Compromise + Bricking (CVE-2025-24085 / 24201, CNVD-2025-07885)
Re: [FD]Full Disclosure: CVE-2025-31200 & CVE-2025-31201 – 0-Click iMessage Chain ? Secure Enclave Key Theft, Wormable RCE, Crypto Theft
Samtools v1.22.1 Uncontrolled Memory Allocation from Large BED Intervals Causes Denial-of-Service in Samtools/HTSlib
Samtools v1.22.1 Improper Handling of Excessive Histogram Bin Counts in Samtools Coverage Leads to Stack Overflow
|
|
|
|
|
|
 |
|
 |
 |
|
 |
IT Security and Insecurity Portal |
|
|
Is this... ? |
|
 Posted: Tue Jul 27, 2004 5:42 pm |
 |
|
| rain |
| Regular user |
 |
|
| Joined: Jun 29, 2004 |
| Posts: 12 |
|
|
|
 |
|
 |
|
| Code: |
$result=mysql_query("SELECT * FROM user WHERE id='$id'",$db);
$row=mysql_fetch_row($result);
titulo("$row[1]");
echo"<p>$row[2]</p>";
|
Is this vurnable to sql injection? I think it is??? |
|
|
|
|
|
|
|
|
| Posted: Fri Aug 13, 2004 12:14 am |
|
|
| Imster |
| Beginner |
|
|
| Joined: Aug 13, 2004 |
| Posts: 3 |
|
|
|
|
|
|
|
| Quote: | Code:
$result=mysql_query("SELECT * FROM user WHERE id='$id'",$db);
$row=mysql_fetch_row($result);
titulo("$row[1]");
echo"<p>$row[2]</p>";
Is this vurnable to sql injection? I think it is??? |
It depends on the variable $id, if you are using stripslashes() then your fairly safe (safer than not using it anyway).
| Code: |
$id = stripslashes($id);
$result=mysql_query("SELECT * FROM user WHERE id='$id'",$db);
$row=mysql_fetch_row($result);
titulo("$row[1]");
echo"<p>$row[2]</p>";
|
Or if your going to be passing all sorts of variables at different times on different pages...you could make a custom function and include it on all pages where you want to make a variable safe. For example:
Make the file safe_inc.php and put:
| Code: |
function MakeSafe($sfe)
{
$sfe = stripslashes($sfe);
// add any custom code to make vars safe
return $sfe;
}
|
Then in the page you want to make safe...add this to the beginning:
| Code: |
include_once('safe_inc.php');
|
And then when you want to make a var safe do:
| Code: |
MakeSafe($variable_name);
|
I know its a long post to a simple question but I just wanted to show the methods to make vars safe in PHP in case any of you were at all interested. If not then I just wasted a minute of your life..
(Ps hi people im new here) |
|
|
|
|
|
|
|
|
| Posted: Sun Aug 15, 2004 9:30 pm |
|
|
| madman |
| Active user |
 |
|
| Joined: May 24, 2004 |
| Posts: 46 |
|
|
|
|
|
|
|
Just an addition. Use addslashes instead of stripslashes. 
This code can be used to sanitize single- or double-quote regardless of magic quotes in effect:
| Code: | function quote_me($str) {
while (preg_match('/\[\'"]?/', $str)) $str = stripslashes($str);
return addslashes($str);
}
$id = "0' OR password<>'";
$id = quote_me($id);
$sql = "SELECT username FROM table WHERE id = '$id'"; |
Use the previous method (that was called "safe" stripslashes), this is what we got:
| Code: | | SELECT username FROM table WHERE id = '0' OR password<>'' |
It will produce a doom!
Using addslashes, the SQL query string would be:
| Code: | | SELECT username FROM table WHERE id = '0\' OR password=\'' |
That's what should called S A F E. |
|
_________________
ch88rs,
madman |
|
|
|
| Posted: Wed Aug 18, 2004 10:55 am |
|
|
| Imster |
| Beginner |
|
|
| Joined: Aug 13, 2004 |
| Posts: 3 |
|
|
|
|
|
|
|
heh thanks. Will change my habbit now  |
|
|
|
|
| Posted: Wed Aug 18, 2004 7:42 pm |
|
|
| madman |
| Active user |
|
|
| Joined: May 24, 2004 |
| Posts: 46 |
|
|
|
|
|
|
|
| To be honest, I never rely on addslashes() function only. |
|
_________________
ch88rs,
madman |
|
|
|
www.waraxe.us Forum Index -> Sql injection
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
All times are GMT
Page 1 of 1
|
|
|
|
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
|
|
