
Forbidden PL/SQL

Thanks to Jeff Kemp for this story

What’s the biggest clue you can give that your database is vulnerable to SQL injection? When your list of “forbidden words” looks suspiciously like a sample of SQL / PL/SQL keywords:


I notice that they haven’t forbidden BEGIN, CREATE, MERGE, or TRUNCATE.

Congressman Peters, your IT staff are doing it wrong.
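To make the point concrete, here is an added example (not from the original post or the site it describes) that runs a keyword filter next to a bind-variable insert over the same messages. The word list, table name and sample messages are constructed, and Python's sqlite3 stands in for the real database.

```python
import re
import sqlite3

# Constructed stand-in for the form's forbidden-word list; the real list was
# an image that is not reproduced in the text.
FORBIDDEN = {"SELECT", "INSERT", "UPDATE", "DELETE", "DROP"}

def blacklist_rejects(message):
    """The keyword-filter approach: reject any message containing a listed word."""
    return bool(set(re.findall(r"[A-Z]+", message.upper())) & FORBIDDEN)

def store_message(conn, sender, body):
    """The bind-variable approach: values travel separately from the SQL text,
    so the body is stored as data and never parsed as a statement."""
    cur = conn.execute(
        "INSERT INTO messages (sender, body) VALUES (?, ?)", (sender, body))
    row = conn.execute(
        "SELECT body FROM messages WHERE rowid = ?", (cur.lastrowid,)).fetchone()
    return row[0]

# Constructed sample messages.
SAMPLES = [
    "Please update me on the vote, and do not drop the funding.",  # ordinary prose
    "I would like to select a time for a town hall.",              # ordinary prose
    "TRUNCATE TABLE messages",  # keyword the post notes is not on the list
    "Thank you for your service.",
]

def compare():
    """Return [(message, rejected_by_blacklist, stored_intact)] and the row count."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE messages (sender TEXT, body TEXT)")
    rows = []
    for msg in SAMPLES:
        intact = store_message(conn, "constituent", msg) == msg
        rows.append((msg, blacklist_rejects(msg), intact))
    count = conn.execute("SELECT COUNT(*) FROM messages").fetchone()[0]
    conn.close()
    return rows, count

if __name__ == "__main__":
    results, total = compare()
    for msg, rejected, intact in results:
        print(f"blacklist rejects={rejected!s:5} stored intact={intact} {msg!r}")
    print("rows in table:", total)
```

The filter turns away two ordinary messages and passes the one keyword it forgot, while the bound insert stores all four unchanged and leaves the table intact.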

