Re: sql inject on nm.debian.org

Hi, On Mon, Feb 20, 2012 at 12:30:29PM +0100, Ferenc Kovacs wrote: > https://nm.debian.org/nmstatus.php?email='" > produces > Problem with queryERROR: unterminated quoted identifier at or near ""asd'" > LINE 1: SELECT * from applicant WHERE email=''"' ^ Thanks for the notice. "To report a proble

sql inject on nm.debian.org

https://nm.debian.org/nmstatus.php?email='" produces Problem with queryERROR: unterminated quoted identifier at or near ""asd'" LINE 1: SELECT * from applicant WHERE email=''"' ^ -- Ferenc Kovács @Tyr43l - http://tyrael.hu