client9
commented
11 years ago fixed in 3.0.0-pre5 to 3.0.0-pre6
Closed client9 closed 11 years ago
client9
commented
11 years ago fixed in 3.0.0-pre5 to 3.0.0-pre6
One attack against libinjection is cases where you can pad out the start using comma separated values.
1,2,3,4,5,6 UNION ALL ...
comma separated values should be folded into one value
1 UNION ALL ...