SQL injection attack

SQL injection attack

El Forum
Unregistered

06-03-2013, 07:43 AM

[eluser]frederico[/eluser]
The initial query for forgot password i found out wasn't checking if the email address is registered so it was sending a new password regardless.

The query was actually a simple:

$this->db->where('col_name','val');
$this->db->update('table_name',array);

The array has the values to be updated in the db...

I tried to do some injections myself but none went through. I have changed my cpanel password. It most likely was a brute force attack as it was characterised by denial of service.

Messages In This Thread

SQL injection attack - by El Forum - 06-02-2013, 10:04 AM

SQL injection attack - by El Forum - 06-02-2013, 10:03 PM

SQL injection attack - by El Forum - 06-03-2013, 02:31 AM

SQL injection attack - by El Forum - 06-03-2013, 02:32 AM

SQL injection attack - by El Forum - 06-03-2013, 06:18 AM

SQL injection attack - by El Forum - 06-03-2013, 06:33 AM

SQL injection attack - by El Forum - 06-03-2013, 07:43 AM

SQL injection attack - by El Forum - 06-03-2013, 07:54 AM

SQL injection attack - by El Forum - 06-04-2013, 05:33 AM

SQL injection attack - by El Forum - 06-05-2013, 08:30 PM

SQL injection attack - by El Forum - 06-08-2013, 04:46 PM

SQL injection attack - by El Forum - 08-22-2013, 06:41 AM

SQL injection attack - by El Forum - 08-22-2013, 07:45 AM

SQL injection attack - by El Forum - 08-23-2013, 03:39 AM

SQL injection attack - by El Forum - 08-23-2013, 06:51 AM

SQL injection attack - by El Forum - 08-23-2013, 06:55 AM

SQL injection attack - by El Forum - 08-23-2013, 08:17 AM

SQL injection attack - by El Forum - 08-25-2013, 03:29 AM

SQL injection attack - by El Forum - 08-27-2013, 01:37 AM