|
|
|
|
|
|
by tptacek
5467 days ago
|
|
|
I think it's slightly more likely that they think it might be true, and they want it to be true, so they're going to be incurious. Either way, my only real point is: there's probably going to be SQLI somewhere in that app too. And if they take file uploads anywhere, my guess is you'll be able to run code remotely. (I know neither of these things to be true for a fact and am just making a rhetorical point.) |
|
|