|
|
|
|
|
|
by sarciszewski
4010 days ago
|
|
|
As someone who's actively engaged in webappsec stuff, I concur with Thomas's observations. XSS is far more prevalent, and I'm more likely to find PHP Object Injection via unserialize() protected by weak md5/sha1 auth (or outright naked) than I am to find SQLi in modern PHP apps. |
|
|