On 19-Aug-09, at 10:17 PM, Shirish Padalkar wrote:
This feedback.asp file is prone to SQL injection. The asp file isn't checking for the special characters in feedback or not escaping it.
Malicious users can exploit this thing to destroy the database. :(
Didn't they get a good programmer?
Its the government.. which of their websites have ever used a good programmer..?
Regards,
Sameep [tuxdvds.com] The Best Online Linux Distro Store
On Wed, Aug 19, 2009 at 2:52 PM, Mehul Ved mehul.n.ved@gmail.com wrote:
On Wed, Aug 19, 2009 at 8:06 PM, Kumar Appaiah<a.kumar@alumni.iitm.ac.in
wrote:
Not sure, but I could submit feedback using Mozilla Firefox. I very much did, and expressed disappointment at not being able to access the service due to it's being based on proprietary solutions. I would request others to do the same, please.
OK, I just did it and it worked this time. OS - ubuntu 9.04 browser - chromium Just in case that matters anyway. -- http://mm.glug-bom.org/mailman/listinfo/linuxers
-- _____ S H I R I S H _____ -- http://mm.glug-bom.org/mailman/listinfo/linuxers