by throwawaaarrgh 1074 days ago
It's somewhat disheartening as a security enthusiast that people only focus on "popular" security bugs and ignore the rest. The other top 21 bug classes aren't as "cool" but they will let me hack your app just the same.
1 comment

Sure, but SQL Injection will let a script kiddie steal and/or drop your entire poorly configured production DB.
It also provides several paths to RCE depending on the environment, not just exfil.