All geek questions in one place

What is second level SQL injection

What is all about second-level SQL injection. This relates to the issue of Using parameters for mysql_query .. and part of one of the answers had this term ...

+2
source share
2 answers

I'm not quite sure, but I thought that this message is defined in the message: Using parameters for mysql_query

Exposure (see paragraph 2):

magic_quotes_gpc automatically avoids the things you get in requests from clients ... but he cannot detect the so-called second-level injections:

  • . magic_quotes_gpc SQL-; .
  • . , magic_quotes_gpc . Voilà, SQL-; , , .

googled (http://www.osix.net/modules/article/?id=624):

, SQL . , , , EXEC MS SQL Server, . .

+2

, "" , SQL Injection. < insert icon icon > SQL-... ! XD

Parameterized Statementments. , , SQL-.

0

Source: https://habr.com/ru/post/1726120/

More articles:


All Articles