Rectangle 27 0

php Sql injection vulnerability?


I'd count any disclosure of information as dangerous - if this doesn't get fixed now, what happens in the future when/if more sensitive information is placed onto that database? What if existing data is modified in a malicious fashion?

SQL Injection is very easy to protect against, and if you know of a possible vulnerability it should be fixed ASAP, regardless of what is deemed sensitive. Just my 2c.

Note
Rectangle 27 0

php Sql injection vulnerability?


If you are able to detect columns names from SQL injections, it means it is violatable.

It also means you could easily brute force attack a webpage and detect all the structure, users, export the data, etc... So yeah, site IS vulnerable and it goes much farther than "My data is public so i don't care"...

Thanks Mathieu, actually, this database only stores NEWS, not vital info, but would be very bad if editable. That answer was very enlightening, if you don't mind i'll use your words as mine :P , i'll give you the points you deserve.

The hacker could find a way to insert data into the database, create some phishing, steal data from XSS attacks that he inserts into the database. There are tons of reasons to take this seriously. SQL injection doesn't mean that the hacker can only read your data, it can lead to serious compromises...

Note
Rectangle 27 0

php Sql injection vulnerability?


If you are able to detect columns names from SQL injections, it means it is violatable.

It also means you could easily brute force attack a webpage and detect all the structure, users, export the data, etc... So yeah, site IS vulnerable and it goes much farther than "My data is public so i don't care"...

Thanks Mathieu, actually, this database only stores NEWS, not vital info, but would be very bad if editable. That answer was very enlightening, if you don't mind i'll use your words as mine :P , i'll give you the points you deserve.

The hacker could find a way to insert data into the database, create some phishing, steal data from XSS attacks that he inserts into the database. There are tons of reasons to take this seriously. SQL injection doesn't mean that the hacker can only read your data, it can lead to serious compromises...

Note