SQL Injection Attack Detected via libinjection |
i see the mention of OWASP and so i guess its going to perhaps involve the use of zap ? Their testing app
it also seems to mention sendmail and contact. Now I have a clone of my web running Apache (localhost) on Arch Linux I have a view which has a contact form; the text goes to a controller; there is a little bit of checking and if everything is ok it goes to PHPMailer to send an email direct to my email account. So that process doesn't even involve a database. Using zap on the url that serves up my web 127.0.0.x zap flagged up some issues; i took it as a false positive. Bit in your case is there any interaction with a database to retrive date in which case you migth have to look a bit deeper. In my case sql injection can't be involved on my form->controller-> creates email because the process doesn't even touch a db |
Messages In This Thread |
SQL Injection Attack Detected via libinjection - by magiwells - 11-30-2021, 06:59 AM
RE: SQL Injection Attack Detected via libinjection - by captain-sensible - 12-02-2021, 06:18 AM
|