by Sandman 6045 days ago
I just checked your app for SQL injection. The password I chose while registering a new list was d'artagnan and, sure enough, I was granted access without any error message whatsoever, but once I logged out I couldn't log in again. I thought that you might have removed the ' character automatically, but I also tried with dartagnan and couldn't log in either.
1 comment

You should be able to use an apostrophe in a password without issue as we did test for that. I'll see if I can reproduce that error.