Full Disclosure mailing list archives

Re: Cookie based SQL Injection

From: "Zach C." <fxchip () gmail com>
Date: Tue, 6 Mar 2012 12:54:46 -0800

Even so, watch all the advisories pour in now for "cookie-based SQL
injection." :/
On Mar 6, 2012 12:44 PM, <Valdis.Kletnieks () vt edu> wrote:

On Tue, 06 Mar 2012 14:28:51 CST, Adam Behnke said:

Unlike other parameters, cookies are not supposed to be handled by users.


Any site that designs its security model around that concept will get what
it richly deserves.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

Cookie based SQL Injection Adam Behnke (Mar 06)
- Re: Cookie based SQL Injection Valdis . Kletnieks (Mar 06)
  - Re: Cookie based SQL Injection Zach C. (Mar 06)
    - Re: Cookie based SQL Injection Benji (Mar 06)