Cenzic 232 Patent
Paid Advertising
sla.ckers.org is
ha.ckers sla.cking
Sla.ckers.org
Q and A for any cross site scripting information. Feel free to ask away. 

Current Page: 1 of 1
Results 1 - 3 of 3
3 years ago
plaverty
I saw this "spot the vuln" this week, and I see that it makes more sense to stick with the action="" but the part I'm not wrapping my head around yet, because I'm a newbie is how would this be exploited? <form action="<? echo $_SERVER; ?>" method="POST"> Thanks you.
Forum: XSS Info
5 years ago
plaverty
I have a PHP app I'm writing and one page puts the MySQL database record id in the URL for the next page and the next page uses the id to look up the record. The id in the table is an int. So based on this, if I put in a check to make sure the value from GET is numeric, is that enough to safeguard me, or is it possible to still inject the db? My other thought is after I determine that the val
Forum: SQL and Code Injection
7 years ago
plaverty
https://careers.brown.edu/applicants/jsp/shared/frameset/Frameset.jsp?time=1183058264632 Job Title Lead IT Security Specialist Job Number B00939 Grade Level 11E Duration of Job Regular Hours per Week 37.50 Months per Year 12 regular hours (Mon-Fri, 8:30-5:00) Position Summary The Lead IT Security Specialist is responsible for design, impleme
Forum: Jobs
Current Page: 1 of 1