|
|
|
|
|
|
by Supermancho
1635 days ago
|
|
|
> an SQL injection could also be "just a query parameter" and the server would haply reply with a 200. (true) > With a sql injection, you have to willfully provide an input with the hope that it results in injection (false) > If I send you a link that happens to include arguments that happen to be a SQL injection (or my cat steps on my keyboard in just the right way), there was no intent. (true) > Your intent by crafting such a link was clear. (irrelevant) You can have SQL injection without intent, as I have adequately explained. This redirection to an "original actor" is a bad faith argument toward finding if there is someone culpable. The poster I responded to, made a bad general assertion and I stand by it. GL with whatever. |
|
|