|
Anytime you have
wSqlStmt = 'SELECT<..> ' + userEnteredValue;
The technical answer is _YES_ it is vulnerable.
It may be difficult (and involve more work than the average hacker
would be willing to do), but it could be done...
This example:
For example, the panel the user sees might have:
_Location
_Department
_Class
Where they would enter 1, 2, and 3 to denote the sort sequence. This
scenario would not be susceptible to injection, would it?
in which case you'd have
if sortLoc = 1;
wSqlStmt += ' ORDER BY location ';
endif;
if sortDept = 1;
wSqlStmt += ' ORDER BY department ';
endif;
<...>
doesn't directly concatenate the user value to the statement and this
is not vulnerable.
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.