Hello,

 quick question regarding blind sql testing and false positive.

 we have a cgi that tests the users email address.
 if not properly formatted it is displayed as "'foo' is not a valid email address"

 would that cause a false positive? (different page returns)

thanks,

anon


_______________________________________________
Nessus mailing list
[email protected]
http://mail.nessus.org/mailman/listinfo/nessus

Reply via email to