You must log in or register to comment.
How to say you’re vulnerable to code injection without saying you’re vulnerable to code injection.
Are they vulnerable though, if they already exclude it at the user input?
I yet have to learn SQL and is there a way to allow passwords with '); DROP TABLE… without being vulnerable to an injection?
nevermind i googled it, and there various ways to do so
So they’re not hashing or salting the passwords too. Cool…
Looking at that I wouldn’t be surprised if those rules are just client-side validation.