Home page logo
/

pen-test logo Penetration Testing mailing list archives

bypass input filter (SQL Injection / XSS)
From: "Rick Zhong" <sagiko () gmail com>
Date: Tue, 22 Aug 2006 23:37:40 +0800

Hi,
Are there any SQL injection or XSS techniques to bypass server-side
input validation which filter special characters including  \ ' " ( )
< > =

I also noticed that @ is allowed, but on a Oracle server? Can @ cause any harm?

regards,
Rick

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php
------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
  • bypass input filter (SQL Injection / XSS) Rick Zhong (Aug 23)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault