This is information about a single report in the Awooga system.
URLs | http://phppot.com/php/php-login-script-with-session/ | ||
---|---|---|---|
Issues | sql-injection | Unresolved |
This site contains a large number of SQL injections, all or mostly involving the legacy mysql library. Interestingly the author cites parameterisation as a benefit of MySQLi elsewhere on the site. |
password-clear | Unresolved | (No comments added) | |
deprecated-library | Unresolved | (No comments added) | |
Description |
A site with a large number of scripts featuring SQL injection vulnerabilities. A number of articles, including this one, incorrectly advise programmers to store passwords in plain text. |
||
Source | Repo: 1 | ||
Author notified? | No |