Tuesday, May 13th, 2008
The mass SQL injection attacks we've mentioned here and here are increasing in numbers and we're seeing more domains being injected and used to host the attack files and we believe that there are now more than one group using a set of different automated tools to inject the code.
Previously ...
Posted in Internet, Security | No Comments
Wednesday, April 30th, 2008
If you allow user-contributed content in your site, you run into the problem of dealing with user supplied HTML in a safe manner. The most secure way of dealing with things, of course, is to strip or escape all HTML from user input fields. Unfortunately, there are many situations where ...
Posted in Coding, Internet, Security | No Comments
