Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums Archived Discussions Archived General Discussion Site Was Hacked
Site Was Hacked
  • El Forum
    Guest
  •  
#10
08-21-2009, 08:19 AM

[eluser]Johan André[/eluser]
Injection can be SQL - or "file" injection.
Image a uploadform that does not block scripts (.php/.php3/.php4/.php5/.exe/.bat etc.)...
A user can easily upload a malicious file and then (when the actual upload-path is figured out) execute it through the browser...

I guess you could even write a script that accesses the webroot and you should be able to download / upload however you want...


Messages In This Thread
Site Was Hacked - by El Forum - 08-20-2009, 08:07 PM
Site Was Hacked - by El Forum - 08-20-2009, 09:24 PM
Site Was Hacked - by El Forum - 08-20-2009, 10:01 PM
Site Was Hacked - by El Forum - 08-20-2009, 10:19 PM
Site Was Hacked - by El Forum - 08-21-2009, 04:41 AM
Site Was Hacked - by El Forum - 08-21-2009, 06:06 AM
Site Was Hacked - by El Forum - 08-21-2009, 06:46 AM
Site Was Hacked - by El Forum - 08-21-2009, 06:53 AM
Site Was Hacked - by El Forum - 08-21-2009, 07:15 AM
Site Was Hacked - by El Forum - 08-21-2009, 08:19 AM



Theme © iAndrew 2016 - Forum software by © MyBB