|
|
|
|
|
|
by kgeist
346 days ago
|
|
|
It's more common than you'd think, even today. A lot of sites I recently explored leave SQL injections as is (you can see the typical MySQL errors) and rely on some kind of "security plugin" provided by a third-party for their framework of choice which checks if a URL contains something which resembles an SQL injection attempt (such as "UNION SELECT" in query params). |
|
|