Penetration Testing mailing list archives
Re: PHP and MySQL
From: AdamT <adwulf () gmail com>
Date: Thu, 19 Jan 2006 10:55:37 +0000
On 1/18/06, John Madden <chiwawa999 () yahoo com> wrote:
Hi, I'm pentesting a web site and i get the following error message while using a single quote: ex. /confirm.php?conf='test123 Warning: mysql_fetch_row(): supplied argument is not a valid MySQL result resource in /xx/xx/confirm.php on line 5
It could be that the table/database being queried in the script is non-existent. Eg: Their MySQL command tries to lookup a row in 'mytable' 'mydatabase'. but neither exists. -- AdamT "Maidenhead is *not* in Kent" ------------------------------------------------------------------------------ Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------------
Current thread:
- PHP and MySQL John Madden (Jan 18)
- Re: PHP and MySQL AdamT (Jan 19)
- Re: PHP and MySQL Josh Zlatin-Amishav (Jan 19)
- <Possible follow-ups>
- RE: PHP and MySQL Derick Anderson (Jan 19)
- Re: PHP and MySQL dork (Jan 20)
- Re: PHP and MySQL Edy (Jan 23)