HomeForumsBugs
 Database Security. Database Auditing. Database Caching. Database Masking. Get it now

Bypassed..

Posted January 20th, 2009 by eltan
in

Another easy bypass to share:

user: any
password: foo') or name=concat('ad','min

‹ Logging Bug? Or something bigger...?! Fail to combine Drupal with GreenSQL ›

Comments

ummm.. looking at the forum,

On January 20th, 2009 eltan says:

ummm.. looking at the forum, it seems it's not a 'new' subject.. this query looks like legitimate query..

So I'd better use whitelist.

Hello Eltan You are right.

On January 20th, 2009 yuli says:

Hello Eltan

You are right. You need to use firewall mode to cope with such queries.

Best regards,
Yuli

Back to top