WebApp Sec mailing list archives

RE: SQL njection 2

From: "Calderon, Juan C (CORP, DDEMESIS)" <Juan.Calderon () ddemesis ge com>
Date: Mon, 21 Apr 2003 14:06:20 -0400

Hi there!

********
pameter=table;insert%20into%20clientes(uspw,pwus)%20values('j','j')

the ODBC returns this error

error '80040e14' 

[Microsoft][Controlador ODBC Microsoft Access] Se encontraron caracteres
después del final de la instrucción SQL. 
********

This error occurs because of the ";" character, Access do not allow SQL Blocks (multiple SQL statements) but simple 
commands and sub queries.

cheers

Current thread:

SQL njection 2 falcifer (Apr 20)
- Re: SQL njection 2 Juan Carlos Reyes Muñoz (Apr 20)
- <Possible follow-ups>
- RE: SQL njection 2 Calderon, Juan C (CORP, DDEMESIS) (Apr 21)