Wow, wow, very interesting!

On Thu, 20 Jul 2000, Sean G Richards wrote:
> <form action="search_result" method="get">
> <h2><dtml-var document_title></h2>
> <input name="select_statment" value="select * from courses_description
> ">
> <input name="where_statement" value=" where subject = 'ee'">
> <input type="SUBMIT" name="SUBMIT" value="Submit Query">
> </td></tr>
> </table>
> </form>

   Please send me the real URL of the form ASAP. I will download the page,
replace "select *" with "DELETE FROM" and submit the form!
   Never saw a nicer security hole! :)

Oleg.            (All opinions are mine and not of my employer)
    Oleg Broytmann      Foundation for Effective Policies      [EMAIL PROTECTED]
           Programmers don't die, they just GOSUB without RETURN.
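The hole Oleg is pointing at is that the form hands the server the SQL text itself, so the client decides what statement runs. The following is an added illustration, not code from either poster or from Zope: a handler that concatenates the two posted fields as the quoted form invites, beside one that keeps the statement fixed in server code, allow-lists the subject and binds it as a parameter (the same idea as a Zope ZSQL Method with a single dtml-sqlvar). The table layout, sample rows and function names are assumptions made for the demo.

```python
import sqlite3

# Constructed sample data standing in for the courses_description table in the post.
SAMPLE_ROWS = [("ee", "Circuits I"), ("ee", "Signals"), ("cs", "Compilers")]


def fresh_db():
    """In-memory database seeded with the constructed sample rows (assumed schema)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE courses_description (subject TEXT, title TEXT)")
    conn.executemany("INSERT INTO courses_description VALUES (?, ?)", SAMPLE_ROWS)
    conn.commit()
    return conn


def vulnerable_search(conn, form):
    """Mirrors the quoted form: the server runs whatever SQL the two fields spell out."""
    sql = form["select_statement"] + form["where_statement"]
    cur = conn.execute(sql)  # a SELECT, a DELETE, or anything else the client submitted
    conn.commit()
    return cur.fetchall()


ALLOWED_SUBJECTS = {"ee", "cs"}  # assumed set of valid subject codes


def hardened_search(conn, form):
    """The statement text lives only in server code; the client supplies a value, which is
    checked against an allow-list and then bound as a parameter, never parsed as SQL."""
    subject = form.get("subject", "")
    if subject not in ALLOWED_SUBJECTS:
        raise ValueError("unknown subject: %r" % subject)
    cur = conn.execute(
        "SELECT subject, title FROM courses_description WHERE subject = ?", (subject,))
    return cur.fetchall()


def row_count(conn):
    """How many rows survive, so the effect of each handler can be measured."""
    return conn.execute("SELECT COUNT(*) FROM courses_description").fetchone()[0]
```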

Zope maillist  -  [EMAIL PROTECTED]