Thread
:
File Upload Script Only Working Occasionally
View Single Post
01-02-2013, 07:06 PM
#
3
Village Genius
Status:
Geek
Join date:
Apr 2006
Location:
Denver, CO
Expertise:
Software
Software:
Chrome, Notepad++
Posts:
6,894
iTrader:
18
/ 100%
You are inserting stuff into your database without escaping it, making it vulnerable to SQL injection. Things like the file name are passed along like any other input string would be so an attacker could easily exploit that.
Village Genius
View Public Profile
Find More Posts by Village Genius