Hi, can anyone advise about another issue that occurred to me.
Basically, let's say the cracker know that in my application I create a
session variable named auth_user for valid users. Is there a way to
hack into it if he knows this session variable name?
Example:
On Wednesday, April 17, 2002, at 04:40 PM, Vladislav Kulchitski wrote:
Basically, let's say the cracker know that in my application I create a
session variable named auth_user for valid users. Is there a way to
hack into it if he knows this session variable name?
Example:
2 matches
Mail list logo