> The metric is this: How many websites have remote anonymous SQLi as a > percentage.
What's a "website"? A self-contained UI? A DNS label? A box that some webserver runs on? In any case, if you have a complex web app that uses SQL, and you don't use prepared statements (both of these criteria are common), I think your odds of having a discoverable vulnerability are a lot higher than speculated in this thread. I'd say 50%+. I pulled this out of thin air, based on anecdotal first-hand experience. I.e., it's about as substantiated as any other number we'll see here ;p But a more pertinent question is this: if you are an organization that uses SQL with no special engineering controls, what are the odds that at least one of your web servers will be affected by SQLi? And that's probably uncomfortably close to 100%. /mz _______________________________________________ Dailydave mailing list [email protected] http://lists.immunityinc.com/mailman/listinfo/dailydave
