Can you see the security vulnerability in the following snippet of code?
string returnValue = String.Empty;
// The request parameter is concatenated straight into the SQL text,
// so whatever the client sends becomes part of the statement.
string sql =
    "select description from products where prodID = '"
    + Request.Params["pid"] + "';";
SqlCommand sqlcmd = new SqlCommand(sql);
sqlcmd.Connection = sqlConn;
SqlDataReader sdr = sqlcmd.ExecuteReader();
// Read the first column of the first row (a reader cannot be cast to string).
if (sdr.Read())
    returnValue = sdr.GetString(0);
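For comparison, here is the same lookup written with a parameterized query. This is an added example, not code from the original post; the connection string, the `ProductLookup` class name and the varchar(20) column type are assumptions.

```csharp
using System;
using System.Data;
using System.Data.SqlClient;

// Added example: parameterized version of the lookup shown in the post.
static class ProductLookup
{
    // Returns the description for the given product ID, or null if no row
    // matches. The user-supplied value is sent to the server as a parameter
    // value, never spliced into the statement text, so input such as
    // "nothing' union select ..." is simply looked up as a product ID that
    // does not exist.
    public static string GetDescription(string connectionString, string pid)
    {
        if (pid == null)
            return null;

        const string sql =
            "select description from products where prodID = @pid;";

        // using disposes the connection, command and reader even on exceptions.
        using (var conn = new SqlConnection(connectionString))
        using (var cmd = new SqlCommand(sql, conn))
        {
            // Typed, length-bounded parameter (varchar(20) is an assumption);
            // declaring the type avoids implicit conversions on the server.
            cmd.Parameters.Add("@pid", SqlDbType.VarChar, 20).Value = pid;

            conn.Open();
            // ExecuteScalar returns the first column of the first row, which
            // is what the original snippet was trying to obtain with its cast.
            object result = cmd.ExecuteScalar();
            return result == null || result == DBNull.Value
                ? null
                : (string)result;
        }
    }
}
```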
I'd shoot anyone who deployed code like that!
I would stand still while being shot if I produced code like that...
Someone is obviously unfamiliar with the using operator.
Assuming your question wasn't rhetorical, yes. It's a textbook example of a SQL injection vulnerability.
Oh, I feel lucky to have found this good article.
Now I have found something that I wanted to know, thank you.
I would send a request with pid:
nothing' union select 'dead man' as description; DROP TABLE products; --