SQL Injection??

#sql #security #webdev

So I was working on a PowerPoint to teach some techs how to identify immunohistochemical stains and mistyped a " ' " in our vendor's search box...

Lo and behold, an error message from MYSQL server popped up. It returned a syntax error and recommended changes.

I could be wrong, but I'm pretty sure this means that the search bar was interfacing directly with their server.

I've emailed their IT support in hopes that they'll look into it. It's funny how something from an IT security class I took months ago just popped up in my head like that.

Top comments (1)

Alex Sinclair • Jul 1 '19

Oh that's excellent. I mean, awful, but excellent.

Avoiding Connection Pinning in Lambda and RDS Proxy with NestJS and Proxy Splitting

Atsushi Suzuki - Nov 2

Why Homelab Users Need a WAF

Carrie - Nov 6

How To Configure Multiple Git Accounts with SSH on Your Local Machine

Samuel K.M - Nov 18

From WHOIS to SSL: How DNS Checker Pro Unveils the Hidden Details of Any Website

Rez Moss - Nov 6

DEV Community