WebApp Sec mailing list archives
SQL njection 2
From: falcifer <falcifer2001 () yahoo es>
Date: 20 Apr 2003 20:45:19 +0000
how can i insert an isert command in a sql sentence that looks like select * from parameter??? the database is access and when i try to insert something like pameter=table;insert%20into%20clientes(uspw,pwus)%20values('j','j') the ODBC returns this error error '80040e14' [Microsoft][Controlador ODBC Microsoft Access] Se encontraron caracteres después del final de la instrucción SQL. /visornew.asp, line 10 it means: "there are characteres after the the sql sentence" -- falcifer <falcifer2001 () yahoo es>
Current thread:
- SQL njection 2 falcifer (Apr 20)
- Re: SQL njection 2 Juan Carlos Reyes Muñoz (Apr 20)
- <Possible follow-ups>
- RE: SQL njection 2 Calderon, Juan C (CORP, DDEMESIS) (Apr 21)