Alerts

Updates: 14/05/07 Added link to new version.

David Kierznowski of Operation n has discovered a serious flaw in the Akismet anti-spam plugin that comes by default with the latest version of WordPress (2.1.3). It has not been confirmed as yet, but I believe this will affect all versions of the plugin. The vendor has been notified, and more information regarding the vulnerability...

Related articles: SQL Injection Cheat Sheet

We sometimes carelessly throw characters up and about in an attempt to find a gem. This paper covers miscellaneous injection characters and their meanings when applied to web application testing.

Character(s): NULL or null
Details: Often produces interesting error messages as the web application is expecting a value. It can also help us determine if the backend is...

Related articles: Input Validation Cheat Sheet (Want to find other input validation problems?)

Table of Contents
Generic - Bypass Authentication
Microsoft SQL
Sybase
MySQL
Oracle
PostgreSQL
DB2
Ingres
Bypass SQL Injection Filters
References and Credits
ChangeLog

Date / Change
09/07/07 DB2 Database SQL Injection Cheatsheet (Author: pentestmonkey.net)
09/07/07 Ingres Database SQL Injection Cheatsheet (Author: pentestmonkey.net)
13/03/07 Bypass SQL Injection Filters
03/01/06 Added some more blind SQL injection tests for MySQL (Author: jungsonn)
21/12/06 Added Concat tests for blind SQL Injection tests.
06/Nov/06 Added PostgreSQL payloads
06/Nov/06 Added Data to...