Skip to content

Forbidden PL/SQL

April 30, 2012

What’s the biggest clue you can give that your database is vulnerable to SQL injection? When your list of “forbidden words” looks suspiciously like a sample of SQL / PL/SQL keywords:

I notice that they haven’t forbidden BEGINCREATE, MERGE, or TRUNCATE

Congressman Peters, your IT staff are doing it wrong.

Via: http://thedailywtf.com/Articles/Out-of-Service.aspx#pic4

About these ads

From → Oracle

Comments are closed.

Follow

Get every new post delivered to your Inbox.

Join 216 other followers

%d bloggers like this: