Friday, June 5, 2009

XSS, Command and SQL Injection vectors: Beyond the Form

This article is less of a "how to" and more of an inspiration piece. I wanted to kick-start your brain into thinking about alternate ways of exploiting a system, especially when it comes to the sanitization of input. We are all used to the idea of injecting an XSS, SQL or command string into a web form, but what about other vectors for injection?

