~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From: "jake williamson" <[EMAIL PROTECTED]> Subject: Re: sorted! Re: desperate! null detect just not working!!
: > Might want to work on your input validation: : > http://www.ultimatetackledealer.co.uk/exclusives/detail.asp?ID=a : : out of interest, how did you arrive at this url!!! only the home page : exclusicves should point to this page and the id passed should be a : number?? ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ I picked a URL, and changed "1" to "a" to see what would happen. Try looking at something like: http://www.nextgenss.com/papers/advanced_sql_injection.pdf for SQL Injection attacks. You'll also want to check out cross-site scripting vulnerabilities as well (where someone puts malicious script/html into your database, eg via SQL Injection, and then this is displayed to other visitors of your site) Cheers Ken --- You are currently subscribed to activeserverpages as: [email protected] To unsubscribe send a blank email to [EMAIL PROTECTED]
