Karyum
commented
4 years ago they very much are (SQL injection though not script injection), you guys need to use parameterized values to avoid an sql injection <- click this link
Open MoradAbed opened 4 years ago
Karyum
commented
4 years ago they very much are (SQL injection though not script injection), you guys need to use parameterized values to avoid an sql injection <- click this link
I guess the SQL queries are exposed to script injections when inserting a new item to the database. for example; https://github.com/WebAhead5/CarShare/blob/master/database/queries.js#L41