On Sun, May 6, 2018 at 11:34 PM, Rowan Worth <row...@dug.com> wrote: > Amusing -- but without the leading single-quote it would take intentional > effort for a programmer to detonate this payload. > > Its omission is interesting though. Does it indicate an incompetent > attacker, or is companieshouse.gov.uk using some bespoke approach like > "delete all single quotes" instead of actually quoting strings?
It could just indicate someone with a sense of humor who crafted a name that looks like an injection attack for their company. _______________________________________________ sqlite-users mailing list sqlite-users@mailinglists.sqlite.org http://mailinglists.sqlite.org/cgi-bin/mailman/listinfo/sqlite-users