I tried a stupid sql operation to add user data (such as gold coins), and then add the number of user operations in the database.Sorry,not my open source code。
sorry,I may understand the wrong title.But if you only say php specific vulnerabilities,Should only be file include bug and some php Internal implementation vulnerability.
CVE-2017-16871 In fact, it is not common in php (golang is more). It is hard exploit and hard to find, but I can't ignore it, which leads me to check code like multi-step sql operation frequently.
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
Some example? I have no problem with this.
I tried a stupid sql operation to add user data (such as gold coins), and then add the number of user operations in the database.Sorry,not my open source code。
Use complex SQL or transaction.
Yes. So I was stupid at the time.But sometimes I can't use sql ransaction. Because maybe I are calling an external api or other operation.
This is not vulnerability PHP. This is bad manipulation with database.
sorry,I may understand the wrong title.But if you only say php specific vulnerabilities,Should only be file include bug and some php Internal implementation vulnerability.
CVE-2017-16871 In fact, it is not common in php (golang is more). It is hard exploit and hard to find, but I can't ignore it, which leads me to check code like multi-step sql operation frequently.