On 7 June 2011 09:49, David Gelvin <[email protected]> wrote:
> So a note to all web admins out there: CLEAN YOUR INPUTS. If 'item'
> should always be an integer, raise a 404 if it's anything other than an int.
> And if you didn't write the code, but you're responsible for it, test for
> these vulnerabilities. Test using sqlmap, because you know others will if
> you don't.
>

Plus I'd say start by securing the username and password for the 'admin' account, which at the moment is set to the default.

--
Hari
_______________________________________________
The Uganda Linux User Group: http://linux.or.ug

Send messages to this mailing list by addressing e-mails to: [email protected]
Mailing list archives: http://www.mail-archive.com/[email protected]/
Mailing list settings: http://kym.net/mailman/listinfo/lug
To unsubscribe: http://kym.net/mailman/options/lug

The Uganda LUG mailing list is generously hosted by INFOCOM: http://www.infocom.co.ug/

The above comments and data are owned by whoever posted them (including attachments if any). The mailing list host is not responsible for them in any way.
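
The integer check on 'item' described in the quoted message, as an added example that is not part of the original thread or the site's code. It assumes Python with an in-memory SQLite database; the `items` table, the sample rows and all function names are hypothetical.

```python
import sqlite3

def make_db():
    # Constructed sample data; table and column names are assumptions.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE items (id INTEGER PRIMARY KEY, title TEXT)")
    db.executemany("INSERT INTO items VALUES (?, ?)",
                   [(1, "Kernel notes"), (2, "Meeting minutes")])
    return db

def lookup_unsafe(db, raw):
    # "Before": the raw request value is pasted into the SQL text, so
    # anything after the number is parsed as part of the query.
    return db.execute("SELECT title FROM items WHERE id = " + raw).fetchall()

def parse_item(raw):
    # Accept only a short run of ASCII decimal digits. isascii() matters:
    # isdigit() alone also accepts characters such as superscripts and
    # non-Latin digits.
    if not isinstance(raw, str):
        return None
    if not (raw.isascii() and raw.isdigit() and len(raw) <= 9):
        return None
    return int(raw)

def lookup_safe(db, raw):
    # "After": reject non-integers with a 404, then bind the value as a
    # parameter so it can never be interpreted as SQL.
    item = parse_item(raw)
    if item is None:
        return 404, None
    row = db.execute("SELECT title FROM items WHERE id = ?", (item,)).fetchone()
    if row is None:
        return 404, None
    return 200, row[0]

if __name__ == "__main__":
    db = make_db()
    for raw in ["1", "99", "-1", "1 OR 1=1", ""]:   # constructed inputs
        print(repr(raw), "->", lookup_safe(db, raw))
    print("unsafe rows for '1 OR 1=1':", len(lookup_unsafe(db, "1 OR 1=1")))
```

Returning the same 404 for a malformed value and for a missing row keeps the response from revealing which inputs reached the database.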
