Forum

HomeHomeCoreCoreGeneralGeneralOWS and SQL InjectionOWS and SQL Injection
Previous
 
Next
New Post
5/27/2016 7:53 AM
 

I found OWS ListX is vulnerable to SQL Injection.

One of my website page accepts sql scripts in a query string parameter though I have selected “Protect against SQL Injection”

This parameter is used in a select statement.

Is there any setting I can do to protect from SQL scrips being injected in my OWS ListX?

New Post
5/27/2016 7:58 AM
 

Use of COALESCE to replace a single apostrophe with 2 -

[COALESCE,txt_description,FORM,"{REPLACE:',''}"]

New Post
5/30/2016 4:38 AM
 

Thank you. But is that a built in feature or I need to modify my sql query to replace ' by ''

Previous
 
Next
HomeHomeCoreCoreGeneralGeneralOWS and SQL InjectionOWS and SQL Injection


 

New York, NY • Baltimore, MD • Vienna, VA • St. Louis, MO • Seattle, WA • info@openwebstudio.com

Bookmark & Share Bookmark and Share